(57) A data transmitting and receiving method for
improving transmission and reception efficiency can be 
obtained by improving the security through update of a 
control key and reduction of the frequency of the 
authentication and key exchange process. An STB 1 
transmits encrypted digital data Kw (D) obtained by 
encrypting digital data D using a work key Kw, and an 
encrypted work key Kc (Kw) obtained by encrypting the 
Kw using a control key Kc. The Kc is periodically or non-periodically
updated, and an identifier L identifying the
Kc is assigned to each Kc. A VTR device 2 decrypts the 
received Kc (Kw) using the Kc obtained by performing 
the authentication and key exchange process with the 
STB 1, and decrypts the received Kw (D) using the Kw to
obtain the D. It is determined whether or not the Kc has
been updated while the reception process is suspended 
by referring to the transmitted L when the reception 
process is suspended and then resumed. If it is deter- 
mined that the Kc has been updated, then the authenti- 
cation and key exchange process is performed again to 
obtain the updated Kc. 
Description

Technical Field 

[0001] The present invention relates to a data transmitting/receiving
method, a data transmission apparatus,
a data reception apparatus, a data
transmission/reception system, and a medium storing a 
program to direct a computer to perform all or a part of 
the function of means provided in each of the above 
described apparatuses. 

[0002] In addition, the present invention relates to 
transmission of AV contents encrypted in different 
encrypting methods, and reception of the AV contents. 

Background Art 

[0003] There are two conventional technologies, 
that is, a first conventional technology, and a second 
conventional technology, as described below. 
[0004] First, the first conventional technology is 
described below. If data is to be provided only for a spe- 
cific user, means, etc., then a method for preventing 
other users or means than the specific user or means 
from accessing the data is used by the transmission 
side encrypting and transmitting the data, and the 
reception side decrypting and using the encrypted data.
[0005] The above described method is described 
below by referring to an example in which data is trans- 
mitted and received from an STB (Set Top Box, that is, 
a satellite broadcast receiver) for satellite broadcast to a 
VTR device for recording satellite broadcast data. In this 
method, data is encrypted to record correct satellite 
broadcast data only in the VTR device registered as a 
subscriber for recording satellite broadcast. 
[0006] FIG. 14 shows a configuration of a conven- 
tional data transmission and reception system in which 
an STB for satellite broadcast functions as a data trans- 
mission device, and a VTR device functions as a data 
reception device. The configuration shows only the 
components relating to the transmission and reception 
of data between the STB and the VTR device, and 
reception means, etc. for receiving data from a satellite 
to the STB, and recording means, etc. for recording data 
to a recording medium in the VTR device are not shown 
here. The present system includes: an STB 101 for con- 
verting an electric wave received from a satellite into AV 
data and transmitting the data to a VTR device 102; and 
the VTR device 102 for recording the AV data transmit- 
ted from the STB 101 in the recording medium. 
[0007] The STB 101 includes: encryption means
111 for periodically or non-periodically updating a work
key Kw, performing a first encryption process using the
work key Kw on digital data D obtained by converting an
electric wave received from a satellite into AV data so
that the digital data D can be converted into encrypted
digital data Kw (D), and transmitting the result to the
VTR device 102; a key encryption means 112 for generating
a control key Kc, performing a second encryption
process using the control key Kc on the work key Kw so
that the work key Kw can be converted into an
encrypted work key Kc (Kw), and transmitting the result
to the VTR device 102; a transmission side authentication
and key exchange means 113 for performing an
authentication and key exchange process with the VTR
device 102; and a D-I/F (digital interface) 114 for directly
transmitting and receiving data to and from a D-I/F 124
of the VTR device 102.

[0008] The VTR device 102 includes: the D-I/F 124
for directly transmitting and receiving data to and from
the D-I/F 114 of the STB 101; a reception side authentication
and key exchange means 123 for performing an
authentication and key exchange process with the
transmission side authentication and key exchange
means 113 of the STB 101; key restoration means 122
for decrypting the encrypted work key Kc (Kw) using the
control key Kc obtained through the reception side
authentication and key exchange means 123, and
restoring the work key Kw; and decryption means 121
for decrypting the encrypted digital data Kw (D) using
the work key Kw restored by the key restoration means
122, and restoring the digital data D.

[0009] The data transmitted from the STB 101 to
the VTR device 102 is the encrypted digital data Kw (D),
the encrypted work key Kc (Kw), and the control key Kc.
However, since the encrypted digital data Kw (D) and
the encrypted work key Kc (Kw) are encrypted data,
and the control key Kc is transmitted after the transmission
side authentication and key exchange means 113
and the reception side authentication and key exchange
means 123 perform an authentication process, the system
has high security against the third party who is illegally
using data.

[0010] Described below is the second conventional
technology. As described above, in recent years there
has been developed a technology for transmitting AV
contents (AV data) such as movies, etc. using a digital
signal, and receiving the AV contents.

[0011] A transmission device for transmitting such 
AV contents encrypts AV contents before transmission 
to protect the AV contents. A reception device receives 
and decrypts the encrypted AV contents, and displays
the AV contents on the monitor.

[0012] As described above, the transmission device
encrypts the AV contents. However, there are plural
types of encrypting methods for encrypting the AV contents.
For example, if the reception device is a normal
domestic electric appliance such as a television, etc.,
then a "basic encrypting method" referred to as a baseline
cipher such as M6, Blowfish, etc. is used corresponding
to the domestic electric appliance. On the
other hand, if, for example, the reception device is an
appliance having a high-level arithmetic operations
capability such as a personal computer, etc., then an
"extended encrypting method" such as DES or the like
which is more complicated and has a higher encryption
level is used.

[0013] As in the conventional technology, the 
objects of the present invention exist corresponding to 
each of the first and second conventional technologies. 
Therefore, the objects are sequentially described below.
[0014] First, the object corresponding to the first 
conventional technology is described below. As 
described above, the control key Kc is transmitted after 
being authenticated. However, if the same control key 
Kc is continuously used, it may probably be decrypted
by the third party. Therefore, the system can have
higher security by periodically or non-periodically updating
the control key Kc. However, since it is necessary to
perform the authentication and key exchange process
each time the control key Kc is updated, it is strongly
demanded to minimize the frequency of the authentica- 
tion and key exchange process for the purpose of 
reducing the load onto the system and improving the 
transmission and reception efficiency. 
[0015] FIG. 15 shows a relationship between the
execution of the control key update process and that of
the authentication and key exchange process when
the control key is updated by the conventional data
transmission and reception system. The horizontal axis
indicates the passage of time. The bar in the first row
indicates that the STB is transmitting a data signal. The
arrow in the second row indicates the range in which the
same control key Kc is used. FIG. 15 shows that control
key Kc [1] is updated into control key Kc [2]. The bars in
the third through fifth rows indicate that the VTR device
is in a reception state. The ranges in which the bars are
broken indicate that the reception is suspended. The
two vertical arrows in the third through fifth rows indicate
that the authentication and key exchange process has
been performed.
[0016] Since the VTR device in case 1 is not suspended
after starting the reception, it performs the
authentication and key exchange process after starting
the reception, and afterwards performs the authentication
and key exchange process only when the control
key Kc is updated. Since the VTR device in cases 2 and
3 is suspended after starting the reception, it is required
to perform the authentication and key exchange process
when resuming the reception. Especially, although
the VTR device in case 3 is suspended only for a short
time without update of the control key Kc when the
reception is resumed, the authentication and key
exchange process is to be performed again, thereby
increasing the total frequency of the authentication and
key exchange process to be performed as compared
with the other cases.

[0017] The present invention has been developed
to solve the above described problems of the conventional
data transmitting and receiving method, and the
conventional data transmission and reception system,
and aims at providing a data transmitting and receiving
method, a data transmission apparatus, a data reception
apparatus, a data transmission and reception system
for improving the transmission and reception
efficiency by improving the security by updating a control
key, and reducing the frequency of the authentication
and key exchange process, and a program
recording medium storing a program executed to direct
a computer to perform all or a part of the function of
means provided in each of the above described apparatuses.

[0018] The second conventional technology has the
following problems. If the transmission device used
when the second conventional technology is described
is an appliance having a high-level arithmetic operations
capability, such as a personal computer or the like,
transmitting the AV contents through an IEEE 1394 bus,
and the reception device receives the AV contents 
through the IEEE 1394 bus, and if, as described above, 
the reception device has a high-level arithmetic opera- 
tions capability, such as a personal computer or the like, 
then the reception device can decrypt the AV contents 
although the transmission device uses the "extended 
encrypting method" by encrypting and transmitting the 
AV contents, thereby no problems arise. 
[0019] However, for example, a normal domestic
electric appliance such as a set top box (satellite broadcast
receiver) 59 as well as a personal computer 58,
that is, a reception device can also be connected to a
transmission device 57 through the IEEE 1394 bus as
shown in FIG. 16. In this case, assume that the transmission
device 57 encrypts and transmits the AV contents
in the "extended encrypting method." The
personal computer 58 receives and decrypts the AV
contents, and the set top box 59 tries to receive and
decrypt the AV contents during the transmission. However,
since the set top box 59 cannot use the "extended
encrypting method," it cannot decrypt the AV contents.

Disclosure of the Invention 

[0020] As described above, the present invention 
aims at providing, in view of the problem that an AV con- 
tents reception device which cannot use a first encrypt- 
ing method cannot decrypt the AV contents when the 
AV contents transmission device is transmitting the AV 
contents encrypted in the first encrypting method, an AV 
contents transmitting method for allowing the AV con- 
tents reception device which cannot use the first 
encrypting method to decrypt the AV contents when the 
AV contents transmission device is transmitting the AV 
contents encrypted in the first encrypting method. 
[0021] The present invention also aims at providing
an AV contents transmitting device for allowing the AV 
contents reception device which cannot use the first 
encrypting method to decrypt the AV contents when the 
AV contents encrypted in the first encrypting method is 
being transmitted. 

[0022] The present invention further aims at provid- 
ing an AV contents transmitting method and an AV con- 
tents receiving method capable of allowing an AV 
contents reception device, which is receiving and
decrypting the AV contents encrypted in the first
encrypting method in addition to an AV contents reception
device which cannot use the first encrypting
method, to continuously decrypt the AV contents when
the above described AV contents transmitting method is 
used. 

[0023] Furthermore, the present invention aims at 
providing an AV contents reception device, provided in 
addition to an AV contents reception device which cannot
use the first encrypting method and which the above
described AV contents transmission device tries to
allow to decrypt the AV contents, for continuously
decrypting the AV contents encrypted in the first
encrypting method.
[0024] To solve the above-mentioned problems, the 
1st invention of the present invention (corresponding to 
claim 1) is a data transmitting and receiving method in 
which:

on a transmission side, encrypted digital data
obtained by performing a first encryption process
on digital data using a work key, and an encrypted
work key obtained by performing a second encryption
process on the work key using a control key,
are transmitted, and

on a reception side, the encrypted work key is
received and decrypted using the control key
obtained by performing an authentication and key
exchange process with the transmission side, and
the encrypted digital data is received and decrypted
using the decrypted work key, thereby obtaining the
digital data, characterized in that:
on said transmission side, the control key is periodically
or non-periodically updated, an identifier identifying
the control key is assigned for each control
key; and

on said reception side, when a reception process is
suspended and then resumed, it is determined
whether or not the control key has been updated
while the reception process is being suspended by
referring to the identifier transmitted from the transmission
side, and, when it is determined that the
control key has been updated, the authentication
and key exchange process is performed again,
thereby obtaining the updated control key.
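
The two-level key scheme and the identifier check of the 1st invention, as an added Python sketch that is not part of the original document. The class and function names, the SHA-256 keystream used as a stand-in cipher, and the unmodelled authentication step are all assumptions; the receiver here compares the identifier on every frame, which covers the suspend-and-resume case.

```python
import hashlib
import os
from dataclasses import dataclass
from typing import List, Tuple


def xor_cipher(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher (SHA-256 counter keystream, XOR).
    Assumption for this sketch only; the document names no such cipher."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(d ^ s for d, s in zip(data, stream))


@dataclass
class Frame:
    key_id: int          # identifier L of the control key Kc in use
    nonce: bytes
    enc_work_key: bytes  # Kc(Kw)
    enc_data: bytes      # Kw(D)


class Transmitter:
    """Plays the STB: owns Kc, assigns L, wraps a fresh Kw for each frame."""

    def __init__(self) -> None:
        self.key_id = 0
        self.update_control_key()

    def update_control_key(self) -> None:
        self.kc = os.urandom(32)
        self.key_id += 1  # each Kc gets its own identifier L

    def authenticate_and_exchange(self) -> Tuple[int, bytes]:
        # Placeholder for the authentication and key exchange (AKE) process;
        # the authentication itself is not modelled here.
        return self.key_id, self.kc

    def send(self, data: bytes) -> Frame:
        kw = os.urandom(32)
        nonce = os.urandom(12)
        return Frame(self.key_id, nonce,
                     xor_cipher(self.kc, nonce, kw),
                     xor_cipher(kw, nonce, data))


class Receiver:
    """Plays the VTR device: keeps Kc together with the L it was issued under."""

    def __init__(self, tx: Transmitter) -> None:
        self.tx = tx
        self.kc = None
        self.key_id = None
        self.ake_runs = 0

    def _run_ake(self) -> None:
        self.key_id, self.kc = self.tx.authenticate_and_exchange()
        self.ake_runs += 1

    def receive(self, frame: Frame) -> bytes:
        # Re-run the AKE only when no Kc is held yet or L shows Kc was updated.
        if self.kc is None or frame.key_id != self.key_id:
            self._run_ake()
        kw = xor_cipher(self.kc, frame.nonce, frame.enc_work_key)
        return xor_cipher(kw, frame.nonce, frame.enc_data)


def demo() -> Tuple[List[bytes], int, int]:
    """Constructed scenario: a short pause with no update, then a pause
    during which Kc is updated. Returns (plaintexts, AKE count after the
    first resume, final AKE count)."""
    tx = Transmitter()
    rx = Receiver(tx)
    out = [rx.receive(tx.send(b"frame-1"))]       # reception starts: first AKE
    tx.send(b"missed")                            # suspended, Kc unchanged
    out.append(rx.receive(tx.send(b"frame-2")))   # resumed: L matches, no AKE
    runs_after_short_pause = rx.ake_runs
    tx.update_control_key()                       # Kc updated while suspended
    tx.send(b"missed")
    out.append(rx.receive(tx.send(b"frame-3")))   # resumed: L differs, AKE again
    return out, runs_after_short_pause, rx.ake_runs


if __name__ == "__main__":
    print(demo())
```

The identifier only signals that the control key changed and carries no key material; a receiver that ignored it and kept a stale Kc would recover a wrong Kw and therefore unusable data.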

[0025] The 2nd invention of the present invention 
(corresponding to claim 6) is a data transmission appa- 
ratus, characterized by comprising: 



encryption means periodically or non-periodically 
updating/generating a work key, performing a first
encryption process on digital data using the work 
key to convert the digital data into encrypted digital 
data, and transmitting the encrypted digital data to 
a data reception apparatus; 
a key encryption means periodically or non-periodically
updating/generating a control key, performing
a second encryption process on the work key using 
the control key to convert the work key into 
encrypted work key, and transmitting the encrypted 
work key to the data reception apparatus; 
a transmission side authentication and key 
exchange means performing an authentication and 
key exchange process with the data reception 
apparatus; 

identifier generation means generating an identifier 
identifying the control key; and 
identifier transmission means transmitting the identifier
to the data reception apparatus.

[0026] The 3rd invention of the present invention 
(corresponding to claim 8) is a data reception appara- 
tus, characterized by comprising: 

a reception side authentication and key exchange 
means performing an authentication and key 
exchange process with a data transmission appara- 
tus; 

key restoration means restoring a work key by 
decrypting an encrypted work key converted by 
performing a second encryption process on the 
work key using a control key, said restoring process 
being performed using the control key obtained 
through said reception side authentication and key 
exchange means; 

decryption means restoring digital data by decrypt- 
ing encrypted digital data converted by performing 
a first encryption process on the digital data using 
the work key, said decrypting process being per- 
formed using the work key restored by said key res- 
toration means; and 

identifier recognition means determining whether or 
not the control key has been updated by referring to 
an identifier identifying the control key transmitted 
from said data transmission apparatus at least 
when a reception process is suspended and then 
resumed, and, when it is determined that the con- 
trol key has been updated, instructing said recep- 
tion side authentication and key exchange means 
to perform again the authentication and key 
exchange process to obtain the updated control 
key. 

[0027] The 4th invention of the present invention 
(corresponding to claim 14) is a data transmission and 
reception system, characterized by comprising: 

a data transmission apparatus according to the 
present invention and a data reception apparatus
according to the present invention.

[0028] The 5th invention of the present invention 
(corresponding to claim 15) is a computer readable program
recording medium, characterized by storing a program
for directing a computer to perform each function
of all or a part of each component of the data transmis- 
sion apparatus and the data reception apparatus 
according to the present invention. 
[0029] The 6th invention of the present invention 
(corresponding to claim 16) is an AV contents transmit- 
ting method, characterized by comprising the step of: 

encrypting and transmitting AV contents in a sec- 
ond encryption method which can be used by an AV 
contents reception apparatus which cannot use a 
first encrypting method and issues an authentica- 
tion request when an AV contents transmission 
apparatus transmits the AV contents encrypted in 
the first encrypting method using a transmission 
line. 

[0030] The 7th invention of the present invention 
(corresponding to claim 17) is the AV contents transmit- 
ting method according to the 6th invention of the 
present invention, characterized in that when the 
authentication request is issued, and when there is an 
AV contents reception apparatus which receives and 
decrypts AV contents encrypted in the first encrypting 
method in addition to an AV contents reception appara- 
tus which has issued the authentication request, the AV 
contents reception apparatus which receives and 
decrypts the AV contents in the first encrypting method 
is notified that an encrypting method is switched into the 
second encrypting method. 

[0031] The 8th invention of the present invention 
(corresponding to claim 18) is the AV contents transmit- 
ting method according to the 7th invention of the 
present invention, characterized in that a notification of 
switching the encrypting method is given in a predeter- 
mined command or is added to the AV contents. 
[0032] The 9th invention of the present invention 
(corresponding to claim 19) is the AV contents transmit- 
ting method according to the 8th invention of the 
present invention, characterized in that information 
about what encrypting method is used as the second 
encrypting method after the switch is given in a prede- 
termined command or is added to the AV contents. 
[0033] The 10th invention of the present invention 
(corresponding to claim 20) is the AV contents transmit- 
ting method according to the 8th invention of the 
present invention, characterized in that an encryption 
key or a seed of the encryption key used in the second 
encrypting method after the switch is given in a prede- 
termined command or is added to the AV contents. 
[0034] The 11th invention of the present invention 
(corresponding to claim 21) is the AV contents transmit- 
ting method according to the 6th invention of the 
present invention, characterized in that a switching timing
of the encrypting method is an updating timing for an
encryption key in the first encrypting method used 
before the authentication request is issued. 
[0035] The 12th invention of the present invention
(corresponding to claim 22) is the AV contents transmitting
method according to the 7th invention of the
present invention, characterized in that a notification
that the encrypting method is to be switched into the
second encrypting method, and information about a
switching timing of the encrypting method are transmitted
to at least the AV contents reception apparatus
which receives and decrypts the AV contents encrypted
in the first encrypting method.

[0036] The 13th invention of the present invention
(corresponding to claim 23) is the AV contents transmitting
method according to the 6th invention of the
present invention, characterized in that:

said AV contents transmission apparatus stores an
AV contents reception apparatus which issued the
authentication request; and
it is determined whether or not a command requesting
an encryption key for decryption of the AV contents
or a seed of the encryption key is received
from the AV contents reception apparatus, and
when the command is not received, the encrypting
method is switched from the second encrypting
method to the first encrypting method.

[0037] The 14th invention of the present invention 
(corresponding to claim 24) is the AV contents transmit- 
ting method according to the 6th invention of the 
present invention, characterized in that:

said AV contents transmission apparatus checks
the encrypting method available by each of the AV
contents reception apparatus which issued the
authentication request and the other AV contents
reception apparatus; and
when an AV contents reception apparatus transmitting
a command requesting an encryption key for
decryption of the AV contents and the seed of the
encryption key is an AV contents reception apparatus
capable of using the first encrypting method, the
encrypting method is switched from the second
encrypting method to the first encrypting method.

[0038] The 15th invention of the present invention 
(corresponding to claim 25) is a program recording
medium, characterized by storing a program for directing
a computer to perform each function of all or a part
of each step of the AV contents transmitting method
according to any one of the 6th through 14th inventions
of the present invention.

[0039] The 16th invention of the present invention 
(corresponding to claim 26) is an AV contents receiving 
method, characterized by comprising the steps of: 

receiving AV contents transmitted from the AV contents
transmitting method according to any one of
the 6th through 14th inventions of the present
invention; and
decrypting the encrypted AV contents based on an
encrypting method used when the AV contents are 
encrypted and using an encryption key used in the 
encrypting method or a seed of the encryption key. 

[0040] The 17th invention of the present invention
(corresponding to claim 27) is the AV contents receiving
method according to the 16th invention, characterized in
that:

there is information about switching the encrypting
method transmitted together with or in the AV contents
in the AV contents transmitting method
according to any one of the 6th through 14th inventions
of the present invention; and
when the information contains none or one of the
information about what encrypting method is used
after the switch, and the encryption key used in the
encrypting method or a seed of the encryption key,
the information about what encrypting method is
used after the switch, or the encryption key used in
the encrypting method or a seed of the encryption
key, whichever is not contained in the information
relating to the switch of the encrypting method, is to
be transmitted to the AV contents transmission
apparatus.

[0041] The 18th invention of the present invention
(corresponding to claim 28) is a program recording
medium, characterized by storing a program for directing
a computer to perform each function of all or a part
of each step of the AV contents receiving method 
according to the 16th or 17th invention of the present 
invention. 

[0042] The 19th invention of the present invention
(corresponding to claim 29) is an AV contents transmission
apparatus, characterized by comprising:

encrypting method selection means selecting an
encrypting method used when AV contents to be
transmitted are encrypted;
encryption key generation means generating an
encryption key for encrypting AV contents corresponding
to the encrypting method selected by said
encrypting method selection means;
encryption means receiving AV contents, also
receiving the encryption key from the encryption
key generation means, and encrypting the AV contents;
and

a transmission side authentication and key
exchange means performing an authentication and
key exchange process with an AV contents reception
apparatus, wherein

when the AV contents reception apparatus is transmitting
the AV contents encrypted in the first
encrypting method selected by said encrypting
method selection means, and when the AV contents
reception apparatus which cannot use the first
encrypting method issues an authentication
request, the transmission side authentication and
key exchange means performs an authentication
process with the AV contents reception apparatus
which issued the authentication request, and
said encrypting method selection means switches
the encrypting method into the second encrypting
method the AV contents reception apparatus which
issued the authentication request can use.

[0043] The 20th invention of the present invention 
(corresponding to claim 30) is the AV contents transmission
apparatus according to the 19th invention of the
present invention, characterized by further comprising
an encrypting method notification means issuing a notification
that the encrypting method is switched into the
second encrypting method to an AV contents reception 
apparatus which is provided in addition to the AV con- 
tents reception apparatus which issues an authentica- 
tion request, and receives and decrypts the AV contents 
encrypted in the first encrypting method. 
[0044] The 21st invention of the present invention 
(corresponding to claim 31) is the AV contents transmission
apparatus according to the 19th invention of the
present invention, characterized in that:

said encryption key generation means periodically 
or non-periodically updates the encryption key; 
said encrypting method selection means switches 
the encrypting method into the second encrypting 
method at a timing of said encryption key genera- 
tion means updating the encryption key in the first 
encrypting method. 

[0045] The 22nd invention of the present invention 
(corresponding to claim 32) is the AV contents transmis- 
sion apparatus according to the 19th invention of the 
present invention, characterized in that 

said transmission side authentication and key 
exchange means stores an AV contents reception 
apparatus which issued the authentication request, 
and 

it is determined whether or not a command request- 
ing an encryption key for decryption of the AV con- 
tents or a seed of the encryption key is received 
from the AV contents reception apparatus; and 
when the command is not received, said encryption 
key generation means switches the encrypting 
method from the second encrypting method to the 
first encrypting method. 

[0046] The 23rd invention of the present invention
(corresponding to claim 33) is the AV contents transmis- 
sion method according to the 29th invention of the 
present invention, characterized in that: 

said transmission side authentication and key 
exchange means checks the encrypting method
available by each of the AV contents reception
apparatus which issued the authentication request
and the other AV contents reception apparatus; and
when an AV contents reception apparatus transmitting
a command requesting an encryption key for
decryption of the AV contents and the seed of the
encryption key is an AV contents reception apparatus
capable of using the first encrypting method,
said encryption key generation means switches the
encrypting method from the second encrypting 
method to the first encrypting method. 

[0047] The 24th invention of the present invention
(corresponding to claim 34) is the AV contents reception
apparatus according to any one of the 19th through
23rd inventions of the present invention, characterized
by further comprising:

a reception side authentication and key exchange
means performing an authentication and key
exchange process with said AV contents reception
apparatus;

encrypting method storage means receiving and
storing information about an encrypting method used in
encrypting AV contents from said AV contents
transmission apparatus; and
decryption means receiving encrypted AV contents
from the AV contents transmission apparatus,
receiving an encryption key or a seed of the encryption
key from said AV contents transmission apparatus,
and decrypting the encrypted AV contents
using the encryption key or the seed of the encryption
key based on the encrypting method stored in
said encrypting method storage means.

[0048] The 25th invention of the present invention 
(corresponding to claim 35) is the AV contents reception 
apparatus according to the 24th invention of the present 
invention, characterized by further comprising:

request means requesting transmitting information
such that:

there is information about switching the encrypting
method transmitted together with or in the AV contents
from the AV contents transmission apparatus
according to any one of the 19th through 23rd
inventions of the present invention, and
when the information contains none or one of the
information about what encrypting method is used
after the switch, and the encryption key used in the
encrypting method or a seed of the encryption key,
the information about what encrypting method is
used after the switch, or the encryption key used in
the encrypting method or a seed of the encryption
key, whichever is not contained in the information is
to be transmitted.



Brief Description of the Drawings 
[0049] 

FIG. 1 shows a configuration of the data transmission
and reception system according to a first
embodiment of the present invention;
FIG. 2 is a flowchart showing the procedure in the
method in which an STB 1 encrypts and transmits
data, and a VTR device 2 decrypts the encrypted
data and uses the data in the data transmission and
reception system according to the first embodiment
of the present invention;
FIG. 3 is a flowchart showing the procedure in
which a reception process is suspended, and then
the reception is resumed in the data transmission
and reception system according to the first
embodiment of the present invention;
FIG. 4 shows the relationship between the execution
of a control key update process and that of an
authentication and key exchange process of the
data transmission and reception system according
to the first embodiment of the present invention;
FIG. 5 shows the configuration of the data transmission
and reception system according to a second
embodiment of the present invention;
FIG. 6 is a flowchart showing the procedure in the
method in which an STB 1 encrypts and transmits
data, and a VTR device 2 decrypts the encrypted
data and uses the data in the data transmission and
reception system according to the second
embodiment of the present invention;
FIG. 7 is a flowchart showing the procedure in
which a reception process is suspended, and then
the reception is resumed in the data transmission
and reception system according to the second
embodiment of the present invention;
FIG. 8 shows the relationship between the execution
of a control key update process and that of an
authentication and key exchange process of the
data transmission and reception system according
to the second embodiment of the present invention;
FIG. 9 is a block diagram of an AV contents
communications system according to a third embodiment
of the present invention;
FIG. 10 shows the configuration of the data containing
AV contents and a command transmitted by an
AV contents transmission device 31 of the AV contents
communications system according to the third
embodiment of the present invention;
FIG. 11 is a flowchart showing a part of the operations
of the AV contents transmission device 31 of
the AV contents communications system according
to the third embodiment of the present invention;
FIG. 12 is a flowchart showing a part of the operations
of a first AV contents reception device 32 of
the AV contents communications system according
to the third embodiment of the present invention;
FIG. 13 is another flowchart different from FIG. 11
showing a part of the operations of the AV contents
transmission device 31 of the AV contents
communications system according to the third embodiment
of the present invention;
FIG. 14 shows the configuration of the conventional
data transmission and reception system;
FIG. 15 shows a relationship between the execution
of a control key update process and that of an
authentication and key exchange process when a
control key is updated in the conventional data
transmission and reception system; and
FIG. 16 illustrates the explanation of the problem of
the second conventional technology.

(Description of Symbols) 

[0050] 

1, 101 STB
2, 102 VTR device
11, 111 Encryption means
12, 112 Key encryption means
13, 113 Transmission side authentication and key exchange means
14, 24, 114, 124 D-I/F
15 Identifier generation means
16 Identifier transmission means
21, 121 Decryption means
22, 122 Key restoration means
23, 123 Reception side authentication and key exchange means
25 Identifier recognition means
26 Identifier storage means
27 Identifier request means
31 AV contents transmission device
32 First AV contents reception device
33 Second AV contents reception device
34 Antenna
35, 36 Monitor
37 Reception means
38 Encryption means
39 Kco generation means
40 Encrypting method selection means
41, 46, 53 AKE means
42 Encrypting method change notification means
43 Kco request command response means
44, 45, 52 Data transfer means
47 Encrypting method notification detection means
48, 54 Kco request command issue means
49, 55 Kco storage means
50 Encrypting method storage means
51, 56 Decryption means
57 Transmission device
58 Personal computer
59 Set top box (satellite broadcast receiver)



Best Mode for Carrying Out the Invention 

[0051] The embodiments of the present invention
will be described below with reference to the attached
drawings.

(First Embodiment) 

[0052] The first embodiment of the present invention
will be described below with reference to the
attached drawings.

[0053] FIG. 1 shows the configuration of the data
transmission and reception system according to the first
embodiment of the present invention. The configuration
only shows the components relating to the transmission
and reception of data between an STB and a VTR
device. The reception means, etc. for receiving data
from a satellite in an STB, and recording means, etc. in
a recording medium in a VTR device are omitted in the
attached drawings. The data transmission and reception
system according to the present embodiment transmits
and receives data to and from a VTR device for
recording satellite broadcast data from an STB for a
satellite broadcast, and comprises an STB 1 corresponding
to the data transmission apparatus according to the
present invention, and a VTR device 2 corresponding to
the data reception apparatus according to the present
invention.

[0054] The STB 1 comprises: encryption means 11
for periodically or non-periodically updating the work
key Kw, performing the first encryption process using
the work key Kw on the digital data D obtained by
converting an electric wave received from a satellite into AV
data so that the digital data D can be converted into the
encrypted digital data Kw (D), and transmitting the
result to the VTR device 2; a key encryption means 12
for periodically or non-periodically updating the control
key Kc, performing the second encryption process
using the control key Kc on the work key Kw so that the
work key Kw can be converted into the encrypted work
key Kc (Kw), and transmitting the result to the VTR
device 2; a transmission side authentication and key
exchange means 13 for performing an authentication
and key exchange process with the VTR device 2; a
D-I/F (digital interface) 14 for directly transmitting and
receiving data to and from a D-I/F 24 of the VTR device
2; identifier generation means 15 for generating an
identifier L for specification of the control key Kc; and
identifier transmission means 16 for transmitting the identifier
L to the VTR device 2.

[0055] The VTR device 2 comprises: the D-I/F 24
for directly transmitting and receiving data to and from
the D-I/F 14 of the STB 1; a reception side authentication
and key exchange means 23 for performing an
authentication and key exchange process with the
transmission side authentication and key exchange
means 13 of the STB 1; key restoration means 22 for
decrypting the encrypted work key Kc (Kw) using the
control key Kc obtained through the reception side
authentication and key exchange means 23; decryption
means 21 for decrypting the encrypted digital data Kw
(D) using the work key Kw restored by the key restoration
means 22, and restoring the digital data D; identifier
recognition means 25 for determining whether or not the
control key Kc has been updated by referring to an
identifier L for specification of the control key Kc transmitted
from the STB 1 at least when a receiving operation is
resumed after being suspended, and for performing
again the authentication and key exchange process on
the reception side authentication and key exchange
means 23 to obtain an updated control key Kc when it is
determined that the control key Kc has been updated;
identifier storage means 26 for storing a transmitted
identifier L; and identifier request means 27 for requesting
the identifier transmission means 16 in the STB 1 to
transmit the identifier L when the receiving operation is
resumed after being suspended.

[0056] A D-I/F of an IEEE 1394 can be a practical
example of the D-I/F 14 and 24. It performs two types of
transfer, that is, an isochronous transfer appropriate for
a transfer of data such as picture, voice, etc. requiring
real-time guarantee; and an asynchronous transfer
appropriate for a transfer of authentication data,
commands, etc. not requiring the guarantee.
[0057] The procedure of the method in which the
STB 1 encrypts and transmits data, and the VTR device
2 decrypts the encrypted data and uses the decrypted
data in this system will be described below by referring
to FIGS. 2 and 3.

[0058] First, the procedure used in the normal
transmission and reception processes is described by
referring to FIG. 2. FIG. 2 is a flowchart showing the
procedure of the method in which the STB 1 encrypts and
transmits data, and the VTR device 2 decrypts the
encrypted data and uses the decrypted data in this
system according to the first embodiment of the present
invention. In FIG. 2, the process performed by the STB
1 is shown on the left, and the process performed by the
VTR device 2 is shown on the right. The transmission
and reception of data between the STB 1 and the VTR
device 2 is all performed through the D-I/F 14 and 24.
However, in the description below, the explanation
about the process is omitted.
[0059] The key encryption means 12 starts transmitting
data and simultaneously generates the control
key Kc (step S1), and transmits the key to the transmission
side authentication and key exchange means 13
and the identifier generation means 15. The identifier
generation means 15 generates an identifier L for
specification of the control key Kc, and transmits it to the
identifier transmission means 16 (step S2). The transmission
side authentication and key exchange means
13 performs the authentication and key exchange process
with the reception side authentication and key
exchange means 23 to transmit the control key Kc to the
VTR device 2 (steps S3 and S4). At this time, the identifier
transmission means 16 transmits the identifier L
corresponding to the transmitted control key Kc to the
identifier recognition means 25. On the VTR device 2
side, the reception side authentication and key
exchange means 23 transmits the received control key
Kc to the key restoration means 22, and the identifier
recognition means 25 transmits the received identifier L
to the identifier storage means 26 and stores it therein
(step S5). At this time, the identifier storage means 26
overwrites the old identifier L previously stored in the
identifier storage means 26.

[0060] On the other hand, on the STB 1 side, the
encryption means 11 generates the work key Kw (step
S6), and transmits it to the key encryption means 12.
The key encryption means 12 performs the second
encryption process on the work key Kw using the control
key Kc generated in step S1, converts it into the
encrypted work key Kc (Kw), and transmits it to the key
restoration means 22 (step S7). On the VTR device 2
side, the key restoration means 22 decrypts the
encrypted work key Kc (Kw) transmitted from the key
encryption means 12 using the control key Kc received
by the reception side authentication and key exchange
means 23 in step S4, restores the work key Kw, and
transmits it to the decryption means 21 (step S8).
[0061] On the STB 1 side, the encryption means 11
performs the first encryption process on the digital data
D obtained by converting the electric wave received
from a satellite into AV data using the work key Kw
generated in step S6, converts it into the encrypted digital
data Kw (D), and transmits the result to the decryption
means 21 (step S9). On the side of VTR device 2, the
decryption means 21 decrypts the received encrypted
digital data Kw (D) using the work key Kw restored in
step S8, and restores the digital data D (step S10).
[0062] On the VTR device 2 side, if the reception
process is suspended for any reason, and the process
has to be resumed, then control is passed to A shown in
FIG. 3. If the reception process is not suspended, then
control is passed to step S12 (step S11). If the reception
process does not terminate, then control is passed to
step S13 (step S12). Refer to the explanation described
later if the reception process is suspended, and the
process is to be resumed.

[0063] In step S9, if the data in 1 means has been
completed, then it is determined whether or not the
work key Kw is to be updated for the next means (step
S13). If yes, then control is passed to step S6, and the
process similar to that of the above described procedure
is performed. If the work key Kw is not updated,
then it is determined whether or not the control key Kc is
to be updated (step S14). If yes, control is passed to
step S1, and the process similar to that of the above
described procedure is performed. Note that there can
be a case in which the control key Kc is updated, but
the work key Kw is not updated. In this case, the process
in step S6 is omitted. When the control key Kc is not
updated, control is passed to step S9 (step S15), except
when the transmission terminates, and after this, the
process similar to that of the above described procedure
is performed.

[0064] Next, the procedure of resuming the reception
process after the process is suspended will be
described below by referring to FIG. 3. FIG. 3 is a
flowchart of the procedure used when the reception process
is resumed after being suspended in the data transmission
and reception system according to the first
embodiment of the present invention. Also in FIG. 3, as in FIG.
2, the process performed by the STB 1 is shown on the
left, and the process performed by the VTR device 2 is
shown on the right. Furthermore, as in FIG. 2, the data
transmission and reception between the STB 1 and the
VTR device 2 is performed through the D-I/F 14 and 24,
but the explanation is also omitted in the following
description.

[0065] In step S11 shown in FIG. 2, if the reception
process is suspended, and is to be resumed, then the
identifier request means 27 requests the identifier
transmission means 16 to transmit an identifier L (step S16).
In response to the request, the identifier transmission
means 16 transmits the identifier L to the identifier
recognition means 25 (step S17). The identifier recognition
means 25 compares the transmitted identifier L with
the identifier L stored in the identifier storage
means 26 in step S5. If the transmitted identifier L is
different from the stored identifier L, then step S4 shown
in FIG. 2 is processed. If they match each other, step S8
in FIG. 2 is processed (steps S18 and S19). When step S4
is processed, the reception side authentication and key
exchange means 23 performs the authentication and
key exchange process with the transmission side
authentication and key exchange means 13 at the
instruction of the identifier recognition means 25,
thereby obtaining the control key Kc corresponding to
the transmitted identifier L (step S4). Then, the process
similar to that of the procedure shown in FIG. 2 is
performed. When step S8 is processed, then the procedure
relating to obtaining the control key Kc is not used, but
the key restoration means 22 decrypts the encrypted
work key Kc (Kw) using the control key Kc corresponding
to the stored identifier L which had been used before
suspending the reception process, thereby restoring the
work key Kw (step S8). Then, the process similar to that
of the procedure shown in FIG. 2 is performed.
[0066] That is, since the transmission and reception
process can be performed on the identifier L without the
encryption process, etc., the identifier L is transmitted
and received before performing the authentication and
key exchange process which requires a heavy load on a
system, and then it is determined whether or not the
control key Kc has been updated according to the
identifier L. The load on the system can be reduced by
performing the authentication and key exchange process
only if the control key Kc has been updated.
[0067] FIG. 4 shows the relationship between the
execution of the control key update process and that of the
authentication and key exchange process of the data
transmission and reception system according to the first
embodiment of the present invention. The horizontal
axis indicates the passage of time. The bar in the first
row indicates that the STB is transmitting a data signal.
The arrow in the second row indicates the range in
which the same control key Kc is used. The present
Figure shows that Kc [1] is updated into Kc [2]. The bars in
the third through fifth rows indicate that the VTR device
in each case is in a reception state. The ranges in which
the bars are broken indicate that the reception is
suspended. The two vertical arrows in the third through fifth
rows indicate that the authentication and key exchange
process has been performed. The up-arrow indicates
that the identifier request means 27 has requested the
identifier transmission means 16 to transmit an identifier
L. The down-arrow indicates that the identifier
transmission means 16 has transmitted an identifier L.
[0068] Since the VTR device in case 1 is not
suspended after starting the reception process, it performs
the authentication and key exchange process after it
starts the reception process as in the conventional
example. Afterwards, it performs the authentication and
key exchange process only when the control key Kc is
updated. The VTR device in case 2 is suspended after
starting the reception process as in the conventional
example, and resumes the reception process after
the control key Kc has been updated. Therefore, the
update should be confirmed by transmitting an identifier L,
and the authentication and key exchange process should
be performed again as in the conventional example.
Since the VTR device in case 3 is suspended for a short
time, the control key Kc is not updated when the reception
process is resumed. Therefore, this is confirmed by
transmitting an identifier L, and the key restoration
process can be continued, without performing the
authentication and key exchange process again, using the
control key Kc used before the reception process was
suspended. That is, as compared with
the conventional technology, the data transmission and
reception system according to the present embodiment
can reduce the frequency of performing the authentication
and key exchange process which requires a heavy
load onto the system.
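
The resume check of FIG. 3 (steps S16 to S19) and cases 2 and 3 of FIG. 4 can be modelled as follows. This is an added example, not part of the patent text: the cipher is a stand-in HMAC-SHA256 keystream, the authentication and key exchange is reduced to a counted function call, the identifier L is assumed to be a plain counter, and all class and function names are hypothetical.

```python
import hashlib
import hmac
import os


def xor_cipher(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher (HMAC-SHA256 keystream XOR); encrypts and decrypts."""
    stream = bytearray()
    for block in range((len(data) + 31) // 32):
        stream += hmac.new(key, nonce + block.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(d ^ s for d, s in zip(data, stream))


class STB:
    """Transmission side: owns the control key Kc, its identifier L, and the work key Kw."""

    def __init__(self):
        self.identifier = 0          # L: assumed to be a counter that reveals nothing about Kc
        self.ake_runs = 0            # how often the costly exchange was executed
        self.update_control_key()
        self.update_work_key()

    def update_control_key(self):    # steps S1 and S2
        self.kc = os.urandom(16)
        self.identifier += 1

    def update_work_key(self):       # step S6
        self.kw = os.urandom(16)

    def ake(self):                   # steps S3/S4; stand-in for the real authenticated exchange
        self.ake_runs += 1
        return self.kc, self.identifier

    def send_identifier(self):       # step S17; L travels without encryption
        return self.identifier

    def send(self, data: bytes):     # step S7 sends Kc(Kw), step S9 sends Kw(D)
        n1, n2 = os.urandom(8), os.urandom(8)
        return (n1, xor_cipher(self.kc, n1, self.kw)), (n2, xor_cipher(self.kw, n2, data))


class VTR:
    """Reception side: caches Kc together with the identifier L it was obtained under."""

    def __init__(self):
        self.kc = None
        self.stored_identifier = None

    def run_ake(self, stb: STB):     # steps S4 and S5 (stored L is overwritten)
        self.kc, self.stored_identifier = stb.ake()

    def resume(self, stb: STB) -> bool:
        """Steps S16 to S19. Returns True when the exchange had to be repeated."""
        if stb.send_identifier() != self.stored_identifier:
            self.run_ake(stb)        # Kc was updated while reception was suspended
            return True
        return False                 # cached Kc is still the current one

    def receive(self, message) -> bytes:   # steps S8 and S10
        (n1, wrapped_kw), (n2, enc_data) = message
        kw = xor_cipher(self.kc, n1, wrapped_kw)
        return xor_cipher(kw, n2, enc_data)


def run_cases() -> dict:
    stb, vtr = STB(), VTR()
    vtr.run_ake(stb)                               # start of reception
    frames = [vtr.receive(stb.send(b"frame-1"))]

    # Case 3: short suspension, only Kw was updated, Kc and L are unchanged.
    stb.update_work_key()
    ake_short = vtr.resume(stb)
    frames.append(vtr.receive(stb.send(b"frame-2")))

    # A receiver that keeps its cached Kc and never compares L after resuming.
    stale = VTR()
    stale.kc, stale.stored_identifier = vtr.kc, vtr.stored_identifier

    # Case 2: Kc (and with it L) was updated during the suspension.
    stb.update_control_key()
    stb.update_work_key()
    ake_updated = vtr.resume(stb)
    message = stb.send(b"frame-3")
    frames.append(vtr.receive(message))

    return {
        "frames": frames,
        "ake_after_short_suspension": ake_short,
        "ake_after_kc_update": ake_updated,
        "ake_runs": stb.ake_runs,
        "stale_receiver_output": stale.receive(message),
    }


if __name__ == "__main__":
    for name, value in run_cases().items():
        print(name, value)
```

Because the stand-in cipher carries no integrity check, the receiver that skips the comparison of L does not fail visibly; it silently restores a wrong Kw and outputs unusable data.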

(Second Embodiment)

[0069] The second embodiment of the present
invention will be described below with reference to the
attached drawings. The point different from the above
described first embodiment is that the data reception
apparatus according to the present invention does not
comprise identifier request means according to the
present invention. Therefore, according to the present
embodiment, components also used in the above
described first embodiment are assigned the same
codes, and the detailed explanation is omitted here. In
addition, unless specifically described, refer to the
descriptions in the first embodiment.
[0070] FIG. 5 shows the configuration of the data
transmission and reception system according to the
second embodiment of the present invention. The
configuration of the data transmission and reception system
according to the present embodiment is different from
the configuration of the data transmission and reception
system according to the first embodiment shown in FIG.
1 in that the VTR device 2 does not comprise the
identifier request means 27; that the encryption means 11 of
the STB 1 does not update the work key Kw after the
control key Kc is updated until the authentication and
key exchange process is completed on the control key
Kc; and that the identifier transmission means 16 of the
STB 1 has the function of periodically or non-periodically
transmitting an identifier L to the VTR device 2.
[0071] According to the present embodiment, the
identifier transmission means 16 transmits an identifier
L to the VTR device 2 each time the work key Kw is
updated, and the encrypted work key Kc (Kw) corresponding
to the updated work key Kw and simultaneously
the identifier L corresponding to the control key Kc
at that time are transmitted together. However, the
present embodiment is not limited to this application,
but the transmission timing can be periodically or
non-periodically set as long as the updated Kc can be
transmitted to the VTR device 2 without fail.
[0072] The procedure of the method of the STB 1 
encrypting and transmitting data, and the VTR device 2 
decrypting and using the encrypted data in the present 
system will be described below with reference to FIGS. 
6 and 7. 

[0073] First, the procedure used in the normal
transmission and reception process will be described
with FIG. 6. FIG. 6 is a flowchart showing the procedure
of the method of the STB 1 encrypting and transmitting
data, and the VTR device 2 decrypting and using the
encrypted data in the data transmission and reception
system according to the second embodiment of the
present invention. The procedure of the normal
transmission and reception process differs from
steps S1 through S15 shown in FIG. 2 and
described for the first embodiment in that, when the
key encryption means 12 transmits the encrypted work
key Kc (Kw) to the key restoration means 22 in step S7,
the identifier transmission means 16 transmits an
identifier L corresponding to the transmitted Kc to identifier
recognition means 25, and that, in step S8, the identifier
recognition means 25 transmits the received L to the
identifier storage means 26 for storage. Other points are
the same as in the first embodiment. Therefore, the
detailed explanation is omitted here.
[0074] The procedure used when the reception
process is suspended and then resumed will be
described with reference to FIG. 7. FIG. 7 is a flowchart
showing the procedure in which the reception process is
suspended and then resumed in the data transmission
and reception system according to the second
embodiment of the present invention. In FIG. 7, unless
specifically described, refer to the descriptions given by
referring to FIG. 3.

[0075] In step S11 shown in FIG. 6, when the
reception process is suspended and then resumed, an
active process is not performed on the VTR device 2
side, but data from the STB 1 is waited for. As in the
above described step S7, when the key encryption
means 12 transmits the encrypted work key Kc (Kw) to
the key restoration means 22, the identifier transmission
means 16 transmits an L corresponding to the transmitted
Kc to the identifier recognition means 25 (step S66).
Therefore, the identifier recognition means 25 compares
the transmitted L with the L stored in the identifier
storage means 26 in step S5 or S8. If the transmitted L
is different from the stored L, then control is passed to
step S4 shown in FIG. 6. If they match each other,
control is passed to step S8 shown in FIG. 6 (steps S67 and
S68). When step S4 is processed, the reception side
authentication and key exchange means 23 performs
the authentication and key exchange process with the
transmission side authentication and key exchange
means 13 at an instruction from the identifier recognition
means 25 to obtain the control key Kc corresponding
to the transmitted L (step S4), and then performs the
process in the above described procedure shown in
FIG. 6. When step S8 is processed, the procedure for
obtaining the Kc is not used, but the key restoration
means 22 decrypts the encrypted work key Kc (Kw)
using the Kc corresponding to the stored L, which had
been used before the reception process was suspended,
and then restores the work key Kw (step S8).
Then, the processes in the procedure shown in FIG. 6
are performed.

[0076] That is, since an identifier L can be transmitted
or received without an encryption process, etc., the
identifier L is transmitted or received before performing
the authentication and key exchange process which
brings a heavy load onto the system, and it is then
determined whether or not the control key Kc has been
updated according to the identifier L. Only if it has been
updated, the authentication and key exchange process
is performed to reduce the load onto the system.
[0077] In addition, according to the present
embodiment, the encryption means 11 of the STB 1 does not
update the work key Kw until the authentication and key
exchange process has been completed on the updated
control key Kc after the control key Kc was updated,
thereby preventing the demerit that the update result of
the Kw cannot be obtained during the authentication
and key exchange process.

[0078] FIG. 8 shows the relationship between the
execution of the control key update process and that of
the authentication and key exchange process of the
data transmission and reception system according to
the second embodiment of the present invention. The
horizontal axis indicates the passage of time. The bar in
the first row indicates that the STB is transmitting a data
signal. The arrow in the second row indicates the range
in which the same control key Kc is used. The present
Figure shows that control key Kc [1] is updated into
control key Kc [2] in the middle of the process. The bars in
the third through fifth rows indicate that the VTR device
in each case is in a reception state. The ranges in which
the bars are broken indicate that the reception is
suspended. The two vertical arrows in the third through fifth
rows indicate that the authentication and key exchange
process has been performed. The down-arrow indicates
that the identifier transmission means 16 has transmitted
an identifier L. As described above, since the identifier
transmission means 16 has transmitted an L
corresponding to the Kc to be transmitted to the identifier
recognition means 25 when the key encryption
means 12 transmits the encrypted work key Kc (Kw) to
the key restoration means 22, the down-arrow indicating
this frequently occurs regardless of the reception state
of the VTR device.

[0079] Since the VTR device in case 1 is not
suspended during the reception process after starting the
process, the authentication and key exchange process
is performed after starting the reception process as in
the conventional example. Afterwards, the authentication
and key exchange process has to be performed
only when the control key Kc is updated. The VTR device in
case 2 is suspended after starting the reception process
as in the conventional example, and resumes the reception
process after the control key Kc has been updated.
Therefore, the update should be confirmed by transmitting an
identifier L, and the authentication and key
exchange process should be performed again as in the
conventional example.
Since the VTR device in case 3 is suspended for a short
time, the control key Kc is not updated when the reception
process is resumed. Therefore, this is confirmed by
transmitting an identifier L, and the key restoration process
can be continued, without performing the
authentication and key exchange process again, using the
control key Kc used before the reception process was
suspended. That is, as compared with the conventional
technology, the data transmission and reception system
according to the present embodiment can reduce the
frequency of performing the authentication and key
exchange process which requires a heavy load onto the
system in case 3.

[0080] The data transmission apparatus of the data
transmission and reception system according to the
second embodiment has been described as having the
function according to claim 7 of the present invention.
However, even without the function, the effect of improving
the transmission and reception efficiency can be realized
by reducing the frequency of performing the
authentication and key exchange process. Although the
data transmission apparatus in the data transmission
and reception system according to the first embodiment
has the above described function, the effect obtained by
the data transmission and reception system according
to the second embodiment can also be obtained.
[0081] In addition, the data transmission and reception
system and the data reception apparatus according
to the above described first and second embodiments
have been described as comprising the identifier storage
means according to the present invention. However,
they are not limited to this configuration. That is,
the identifier recognition means according to the
present invention only has to be configured in such a
way at least that it can be determined whether or not the
control key has been updated by referring to an identifier,
which is transmitted from the data transmission
apparatus, for specification of the control key when the
reception process is resumed after being suspended.
[0082] Furthermore, the data transmitting and
receiving method, the data transmission and reception
system, the data transmission apparatus, and the data
reception apparatus have been described in the first
and second embodiments as transmitting and receiving
data between the STB of the satellite broadcast and the
VTR device for recording corresponding satellite broadcast
data. However, they are not limited to this application.
That is, data can be encrypted and transmitted
from the transmission side, and the encrypted data can
be decrypted and used on the reception side, and the
key used for encrypting the data can be transmitted by
performing the authentication and key exchange process.

[0083] In addition, in the above described first and
second embodiments, the data transmission and reception
system according to the present invention has been
described. The data transmitting and receiving method
according to the present invention is also used as
described above. In addition, the program recording
medium according to the present invention stores a
program for directing a computer to perform each of the
functions of all or a part of each of the above described
methods. For example, it stores a program for directing
a computer to perform all or a part of the steps shown in
FIGS. 2 and 3, or 6 and 7.

[0084] Furthermore, all or a part of each of the
means and components in the data transmission and
reception system according to the above described first
and second embodiments may be hardware or software
having the same function as the hardware.

(Third Embodiment)

[0085] Described below is the configuration of the 
AV contents communications system according to the 
third embodiment of the present invention. 

[0086] FIG. 9 is a block diagram showing the AV
contents communications system according to the third
embodiment of the present invention. As shown in FIG.
9, the AV contents communications system according to
the third embodiment of the present invention comprises
an AV contents transmission device 31, a first AV
contents reception device 32, a second AV contents
reception device 33, and an IEEE 1394 bus. FIG. 9 also
shows an antenna 34, and monitors 35 and 36.
[0087] The AV contents transmission device 31
comprises reception means 37, encryption means 38,
Kco generation means 39, encrypting method selection
means 40, AKE means 41, encrypting method change
notification means 42, Kco request command response
means 43, and data transfer means 44 as shown in FIG.
9.

[0088] The reception means 37 receives AV contents
through an antenna 34 external to the AV contents
transmission device 31.
[0089] The encryption means 38 can use a basic
encrypting method and an extended encrypting
method, and inputs the AV contents from the reception
means 37, also inputs an encryption key Kco from the
Kco generation means 39, uses the encrypting method
selected by the encrypting method selection means 40,
and encrypts the AV contents using the encryption key
Kco. In addition, the AV contents encrypted using the
encryption key Kco are defined as Kco (AV contents).
The basic encrypting method and the extended encrypting
method differ in encryption level. That is, the
extended encrypting method has a higher encryption
level than the basic encrypting method. In other words,
they differ in the length of a digital signal configuring the
encryption key Kco for use in the encryption process.
For example, the basic encrypting method encrypts AV
contents using a 40-bit encryption key Kco while the
extended encrypting method encrypts AV contents
using a 56-bit encryption key Kco.
[0090] The Kco generation means 39 generates an
encryption key Kco for use by the encryption means 38
in encrypting the AV contents from the reception means
37, and updates the encryption key Kco every 20 seconds.

[0091] The encrypting method selection means 40
selects an encrypting method used when the encryption 
means 38 encrypts AV contents. 
[0092] The AKE means 41 performs the authentication
and key exchange process with the first AV contents
reception device 32. If the authentication process
has been successfully performed with the first AV contents
reception device 32, then an exchange key Kex is
issued to the first AV contents reception device 32. Similarly,
the AKE means 41 performs the authentication
and key exchange process with the second AV contents
reception device 33.

[0093] When an encrypting method is switched into 
another encrypting method, the encrypting method 
change notification means 42 issues a notification of the 
change.
[0094] The Kco request command response means 
43 inputs a command from the first AV contents recep- 
tion device 32 and/or the second AV contents reception 
device 33 requesting to transmit the seed of the latest 
encryption key Kco updated every 20 seconds, and
transmits the seed of encryption key Kco in response to 
the command. 

[0095] The data transfer means 44 communicates
data between each of the means of the AV contents
transmission device 31 and the first AV contents recep- 
tion device 32 and/or the second AV contents reception 
device 33. 

[0096] The first AV contents reception device 32 
comprises data transfer means 45, AKE means 46, 
encrypting method notification detection means 47, Kco 
request command issue means 48, Kco storage means 
49, encrypting method storage means 50, and decryp- 
tion means 51 as shown in FIG. 9. 
[0097] The data transfer means 45 communicates 
data between each of the means of the first AV contents 
reception device 32 and the AV contents transmission 
device 31. 

[0098] The AKE means 46 performs the authentica- 
tion and key exchange process with the AV contents 
transmission device 31. If the authentication process 
has been successfully performed with the AV contents 
transmission device 31, then an exchange key Kex is 
received from the AV contents transmission device 31.
[0099] The encrypting method notification detection 
means 47 detects which encrypting method is used in 
encrypting the AV contents from the AV contents transmission
device 31.

[0100] The Kco request command issue means 48
issues a command requesting the AV contents trans- 
mission device 31 to transmit the seed of encryption key 
Kco corresponding to an encrypting method detected 
by the encrypting method notification detection means 
47. In addition, the Kco request command issue means 
48 receives the seed of encryption key Kco from the AV 
contents transmission device 31. 
[0101] The Kco storage means 49 has a predetermined
function required when encrypted AV contents
from the AV contents transmission device 31 are
decrypted, inputs the exchange key Kex from the AKE
means 46, also inputs the seed of the encryption key
Kco from the Kco request command issue means 48,
and substitutes the exchange key Kex and the seed of
the encryption key Kco into the predetermined function
to generate and store an encryption key Kco. The
function is described later.
[0102] The encrypting method storage means 50 
stores the encrypting method detected by the encrypt- 
ing method notification detection means 47. 
[0103] The decryption means 51 inputs the 
encrypted AV contents from the AV contents transmission
device 31, also inputs the encryption key Kco from
the Kco storage means 49 and the encrypting method 
from the encrypting method storage means 50, and 
decrypts the encrypted AV contents using the encryp- 
tion key Kco according to the encrypting method. The 
decryption means 51 can use either the basic encrypt- 
ing method or the extended encrypting method. 
[0104] Next, the second AV contents reception
device 33 comprises data transfer means 52, AKE
means 53, Kco request command issue means 54, Kco
storage means 55, and decryption means 56 as shown
in FIG. 9.

[0105] The data transfer means 52 communicates
data between each of the means of the second AV contents
reception device 33 and the AV contents transmission
device 31.
[0106] The AKE means 53 performs the authentication
and key exchange process with the AV contents
transmission device 31. If the authentication process
has been successfully performed between the AKE
means 53 and the AV contents transmission device 31,
then the AKE means 53 inputs an exchange key Kex
from the AV contents transmission device 31.
[0107] The Kco request command issue means 54
issues a command to the AV contents transmission
device 31 to transmit the seed of the encryption key Kco
corresponding to the basic encrypting method. In addition,
the Kco request command issue means 54 inputs
the seed of the latest encryption key Kco from the AV
contents transmission device 31 in response to the
request command.
[0108] The Kco storage means 55 has a predetermined
function required in decrypting the encrypted AV
contents from the AV contents transmission device 31,
inputs the seed of encryption key Kco from the Kco
request command issue means 54, also receives the
exchange key Kex from the AKE means 53, and substitutes
the exchange key Kex and the seed of the encryption key
Kco into the predetermined function to generate and
store the encryption key Kco.

[0109] The decryption means 56 inputs the
encrypted AV contents from the AV contents transmission
device 31, also inputs the encryption key Kco from
the Kco storage means 55, and decrypts the encrypted
AV contents using the encryption key Kco on the basis
of the basic encrypting method. It is assumed that the
decryption means 56 can use only the basic encrypting
method. That is, the decryption means 56 cannot use
the extended encrypting method.
[0110] Next, the IEEE 1394 bus is a transmission 
line of data communicated among the AV contents
transmission device 31, the first AV contents reception 
device 32, and the second AV contents reception device 
33. 

[0111] An antenna 34 is provided outside the AV
contents transmission device 31, and receives the AV
contents. The monitor 35 displays the AV contents from
the first AV contents reception device 32. Similarly, the
monitor 36 displays the AV contents from the second AV
contents reception device 33.

[0112] Described below are the operations of the
AV contents communications system according to the
third embodiment of the present invention.

[0113] Before describing in detail the operations of
the AV contents communications system shown in FIG.
9, the following situation is assumed for convenience,
and the operations of the AV contents communications
system are described under the situation.

[0114] First assume that the AV contents transmission
device 31 encrypts the AV contents from the
antenna 34 in the extended encrypting method, outputs
the result through the IEEE 1394 bus, and the first AV
contents reception device 32 receives and decrypts the
AV contents during the output process of the AV contents,
and then the second AV contents reception
device 33 which cannot use the extended encrypting
method receives the AV contents and tries to decrypt
them.

[0115] Described first are the operations of the AV 
contents transmission device 31 which encrypts the AV 
contents from the antenna 34 in the extended encrypt- 
ing method, and then outputs the result through the 
IEEE 1394 bus. The AV contents transmission device 
31 can use either the extended encrypting method or 
the basic encrypting method as described above. How- 
ever, unless specifically requested to output the AV con- 
tents encrypted in the basic encrypting method, the 
extended encrypting method having a stronger encryption
effect is used in encrypting the AV contents in order
to protect the output AV contents more strongly.
[0116] First, the encrypting method selection
means 40 selects the extended encrypting method, the
reception means 37 receives the AV contents through
the antenna 34 external to the AV contents transmission
device 31, and the encryption means 38 inputs the AV
contents from the reception means 37, also receives an
encryption key Kco1 from the Kco generation means
39, and then encrypts the AV contents using the encryption
key Kco1 in the extended encrypting method. To
indicate that the encryption key from the Kco generation
means 39 is an encryption key corresponding to the
extended encrypting method, it is described as "Kco1".
In the following descriptions, the encryption key corresponding
to the basic encrypting method, as opposed to
the extended encrypting method, is described as "Kco2".
The encryption process is not performed on, for example,
a part of the headers of the AV contents. That is, it
is assumed that the encryption process is performed
such that, when the AV contents are received, the
header information about the AV contents can be
read without the encryption key Kco1, but the AV
contents cannot be decrypted without the encryption
key Kco1. In addition, the encryption key Kco1 from the
Kco generation means 39 to be used by the encryption
means 38 is updated every 20 seconds as described
above. Then, the Kco generation means 39 outputs
"odd" or "even" as the information about the timing of the
update of the encryption key Kco1. A switch between
"odd" and "even" indicates that the encryption key Kco1
used in encrypting the AV contents, which is updated
every 20 seconds, differs before and after the switch.
Then, the data transfer means 44 inputs the AV contents
encrypted using the encryption key Kco1 from the encryption
means 38, that is, the Kco (AV contents), also receives
"odd" or "even" from the Kco generation means 39,
adds "odd" or "even" to the header of the Kco (AV contents)
as shown in FIG. 10(a), and outputs the result to
the IEEE 1394 bus. FIG. 10(a) shows the configuration
of the AV contents transmitted from the AV contents
transmission device 31. FIG. 10(b) is described later.
[0117] Described next, as mentioned above, are the operations of
the AV contents transmission device 31 and the first AV
contents reception device 32 up to the point when the
first AV contents reception device 32 decrypts the AV
contents during the output process of the AV contents
encrypted and output through the IEEE 1394 bus by the
AV contents transmission device 31.
[0118] At this time, the AKE means 46 of the first AV
contents reception device 32 issues an authentication
request to the AKE means 41 of the AV contents trans- 
mission device 31, and the AKE means 46 and the AKE 
means 41 authenticate each other's device. If the 
authentication process can be successfully performed, 
then the AKE means 41 outputs an exchange key Kex to 
the AKE means 46. The exchange key Kex is required in 
decrypting the encrypted AV contents. Simultaneously, 
the AKE means 41 determines that the first AV contents 
reception device 32 can use the extended encrypting 
method, and does not change the encrypting method. If 
the AKE means 46 and the AKE means 41 fail in the 
authentication process, the AKE means 41 does not 
output the exchange key Kex to the AKE means 46. In 
this example, it is assumed for convenience of the fol- 
lowing description that the AKE means 46 and the AKE 
means 41 can successfully perform the authentication 
process. 

[0119] Then, the AKE means 46 of the first AV contents
reception device 32 receives the exchange key
Kex from the AKE means 41 through the data transfer
means 45, and outputs it to the Kco storage means 49.
The encrypting method notification detection means 47
detects that the AV contents from the AV contents transmission
device 31 have been encrypted in the extended
encrypting method, and outputs the information, that is,
the extended encrypting method, to the encrypting
method storage means 50 for storage. Furthermore, the
Kco request command issue means 48 issues to the
Kco request command response means 43 of the AV
contents transmission device 31 a command to transmit
the seed of the latest encryption key Kco1 corresponding
to the extended encrypting method. Then, it
receives the seed of the latest encryption key Kco1 from
the Kco request command response means 43 in
response to the command, and outputs the seed to the
Kco storage means 49. As described above, since the
encryption key Kco1 from the AV contents transmission
device 31 is updated every 20 seconds, the Kco request
command issue means 48 is assumed to issue a command
to the Kco request command response means 43
every 20 seconds. Then, the Kco storage means 49
substitutes the exchange key Kex from the AKE means
46 and the seed of encryption key Kco1 from the Kco
request command issue means 48 into the predetermined
function given below (Equation 1), and
generates and stores the encryption key Kco1. In addition,
the seed of the encryption key Kco1 is substituted
for the seed in Equation 1.

Kco = f (seed, Kex)   [Equation 1]

[0120] Then, the "odd" or "even" in the header of
the Kco (AV contents) from the AV contents transmission
device 31 is detected, the switch between the "odd"
and "even" is determined, and then it is determined
which encryption key Kco1 has been used to encrypt
the Kco (AV contents) from the AV contents transmission
device 31. As described above, the switch between
"odd" and "even" indicates the switch of the encryption
key Kco1 used in encrypting the AV contents. Furthermore,
when the Kco request command response
means 43 of the AV contents transmission device 31
receives a command to request to send the seed of the
encryption key Kco1 from the Kco request command
issue means 48, it outputs the seed of the encryption
key Kco1 to the data transfer means 44. Then, the data
transfer means 44 outputs a command containing the
seed of encryption key Kco1 used in the Kco (AV contents)
to the IEEE 1394 bus by using an asynchronous
signal separate from the Kco (AV contents) as shown in
FIG. 10(b). FIG. 10(b) shows the configuration of the
command transmitted from the AV contents transmission
device 31.

[0121] Finally, the decryption means 51 inputs the
encrypted AV contents from the AV contents transmission
device 31 through the data transfer means 45, also
inputs the encryption key Kco1 from the Kco storage
means 49 and the extended encrypting method from the
encrypting method storage means 50, decrypts the
encrypted AV contents using the encryption key Kco1
based on the extended encrypting method, and outputs
the result to the monitor 35. Then, the monitor 35 displays
the AV contents from the decryption means 51.
[0122] Described next are the operations of the AV
contents transmission device 31, the first AV contents
reception device 32, and the second AV contents reception
device 33 performed when the second AV contents
reception device 33 incapable of using the extended
encrypting method decrypts the AV contents when, as
described above, the AV contents transmission device
31 encrypts and outputs the AV contents in the
extended encrypting method, and the first AV contents
reception device 32 decrypts the AV contents. At this
time, the operations of the AV contents transmission
device 31 are described also with reference to the flowchart
shown in FIG. 11.

[0123] The AKE means 53 of the second AV contents
reception device 33 issues an authentication
request to the AKE means 41 of the AV contents transmission
device 31, and the AKE means 53 and the AKE
means 41 authenticate each other's devices (step 1
shown in FIG. 11). At this time, the AKE means 53
requests to change the encrypting method for the AV
contents output by the AV contents transmission device
31 into the basic encrypting method, because the second
AV contents reception device 33 cannot use the
extended encrypting method, but can use only the basic
encrypting method. If the mutual authentication process
is successfully performed, then the AKE means 41
accepts the request (step 2 shown in FIG. 11), and outputs
the information for control of the encrypting method
selection means 40 and the encrypting method change
notification means 42 to set the basic encrypting
method as an encrypting method (step 3 shown in FIG.
11). Then, the AKE means 41 outputs the exchange key
Kex to the AKE means 53, and the authentication and
key exchange process between the AKE means 41 and
the AKE means 53 is completed (step 4 shown in
FIG. 11). The exchange key Kex is a key required when the
encrypted AV contents are decrypted. When the
authentication process performed by the AKE means 53
and the AKE means 41 cannot be successfully performed,
the AKE means 41 does not output the
exchange key Kex to the AKE means 53, nor does it
accept the request to set the basic encrypting method
as an encrypting method. However, it is assumed for
convenience of the following description that the
authentication process between the AKE means 53 and
the AKE means 41 can be successfully performed.
[0124] In the AV contents transmission device 31,
the encrypting method selection means 40 selects the 
basic encrypting method according to the information 
for changing the encrypting method from the AKE 
means 41, that is, the information for setting the basic
encrypting method as an encrypting method, and the 
information is output to the encryption means 38 and 
the Kco generation means 39. The encrypting method 
selection means 40 selects the basic encrypting 
method by the completion of the authentication and key 
exchange process between the AKE means 41 and the 
AKE means 53, that is, by the input of the exchange key
Kex at the AKE means 53. Then, after the information 
for changing the encrypting method into the basic 
encrypting method has been input, and from the next 
update timing of the encryption key Kco1 generated in 
the extended encrypting method, the Kco generation 
means 39 generates the encryption key Kco2 in the 
basic encrypting method, and updates it every 20 sec- 
onds. Furthermore, the encrypting method change noti- 
fication means 42 outputs the command to inform that 
the encrypting method of the AV contents is changed 
from the extended encrypting method to the basic 
encrypting method to the encrypting method notification 
detection means 47 of the first AV contents reception 
device 32, and outputs a command of the information 
about the switching timing of the encrypting method to 
the encrypting method notification detection means 47. 
[0125] Afterwards, the encryption means 38 of the
AV contents transmission device 31 inputs the AV contents
from the reception means 37, also inputs the
encryption key Kco2 from the Kco generation means
39, and encrypts the AV contents using the encryption
key Kco2 in the basic encrypting method. Furthermore,
the Kco generation means 39 outputs "odd" or "even" as
the information about the timing at which the encryption key
Kco2 is switched. Then, the data transfer means 44
inputs the AV contents encrypted using the encryption
key Kco2 from the encryption means 38, that is, Kco
(AV contents), also receives "odd" or "even" from the
Kco generation means 39, and adds "odd" or "even" to
the header of Kco (AV contents) and outputs the result
through the IEEE 1394 bus.

[0126] When the encrypting method for the AV contents
from the AV contents transmission device 31 is
switched into the basic encrypting method, the second
AV contents reception device 33 is allowed to decrypt
the AV contents. Then, the operations of the second AV
contents reception device 33 decrypting the AV contents
are described below.

[0127] First, the AKE means 53 inputs the
exchange key Kex from the AKE means 41 of the AV
contents transmission device 31 through the data transfer
means 52, and outputs it to the Kco storage means
55. The Kco request command issue means 54 issues
a command to the Kco request command response
means 43 of the AV contents transmission device 31 to
transmit the seed of the encryption key Kco2 corresponding
to the basic encrypting method, inputs in
response to the command the seed of the encryption
key Kco2 from the Kco request command response
means 43, and outputs the seed to the Kco storage
means 55. Then, the Kco storage means 55 substitutes
the exchange key Kex from the AKE means 53 and the
seed of the encryption key Kco2 from the Kco request
command issue means 54 into the predetermined function
given above as Equation 1, and generates
and stores the encryption key Kco2. Then, it detects
"odd" or "even" from the header of the Kco (AV contents)
from the AV contents transmission device 31,
determines the switch between "odd" and "even", and
specifies which encryption key Kco2 is used to encrypt
the Kco (AV contents) from the AV contents transmission
device 31.

[0128] Finally, the decryption means 56 receives
the encrypted AV contents from the AV contents transmission
device 31 through the data transfer means 52,
also inputs the encryption key Kco2 from the Kco storage
means 55, decrypts the encrypted AV contents
using the encryption key Kco2 in the basic encrypting
method, and outputs the result to the monitor 36. The
monitor 36 displays the AV contents from the decryption
means 56.

[0129] Thus, when the AV contents transmission
device 31 changes the encrypting method for the AV
contents into the basic encrypting method, and encrypts
and outputs the AV contents, the second AV contents
reception device 33 is allowed to decrypt the AV contents,
but the first AV contents reception device 32
which receives and decrypts the AV contents encrypted
in the extended encrypting method till then cannot
decrypt the AV contents as it is. Described below are
the operations of the first AV contents reception device
32 when the AV contents transmission device 31
changes the encrypting method for the AV contents into
the basic encrypting method, and when the first AV contents
reception device 32 decrypts the AV contents. The
operations of the first AV contents reception device 32
are also described by referring to the flowchart shown in
FIG. 12.

[0130] At this time, as described above, the 
encrypting method notification detection means 47 of 
the first AV contents reception device 32 inputs from the 
encrypting method change notification means 42 of the 
AV contents transmission device 31 a command informing
that the encrypting method for the AV contents is
changed from the extended encrypting method to the 
basic encrypting method, and also inputs a command 
about the timing of switching the encrypting method 
(step 1 shown in FIG. 12). The encrypting method noti- 
fication detection means 47 outputs these two pieces of 
information to the Kco request command issue means 
48 and the encrypting method storage means 50. Then, 
the Kco request command issue means 48 issues to the 
Kco request command response means 43 of the AV 
contents transmission device 31 a command to transmit 
the seed of the encryption key Kco2 corresponding to 
the basic encrypting method (step 2 shown in FIG. 12), 
inputs in return for the command the seed of the encryp- 
tion key Kco2 from the Kco request command response 
means 43, and outputs the seed to the Kco storage 
means 49. Then, the Kco storage means 49 substitutes 
the exchange key Kex from the AKE means 46 and the 
seed of the encryption key Kco2 from the Kco request 
command issue means 48 for a predetermined function, 
and generates and stores the encryption key Kco2 (step 
3 shown in FIG. 12). 

[0131] Finally, the decryption means 51 receives 
the encrypted AV contents from the AV contents trans- 
mission device 31 through the data transfer means 45, 
also receives the encryption key Kco2 from the Kco 
storage means 49 and the basic encrypting method 
from the encrypting method storage means 50. Since 
the decryption means 51 can use the basic encrypting 
method, it decrypts the encrypted AV contents using the 
encryption key Kco2 in the basic encrypting method, 
and outputs the result to the monitor 35 (step 4 shown 
in FIG. 12). Then, the monitor 35 displays the AV contents
from the decryption means 51.
[0132] Thus, although the AV contents transmission
device 31 has changed the encrypting method for the 
AV contents into the basic encrypting method, the first 
AV contents reception device 32 can decrypt the 
encrypted AV contents in the basic encrypting method 
by receiving the information that the encrypting method 
has been switched into the basic encrypting method, 
and the information about the switching timing. 
[0133] It is possible that the second AV contents
reception device 33 stops decrypting the AV contents
when the AV contents transmission device 31 changes
the encrypting method for the AV contents into the basic
encrypting method and transmits the AV contents.
Described below are the operations of the AV contents
transmission device 31 and the first AV contents reception
device 32 performed when the second AV contents
reception device 33 stops decrypting the AV contents.
[0134] When the second AV contents reception
device 33 stops decrypting the AV contents, the Kco
request command issue means 54 of the second AV
contents reception device 33 stops issuing to the Kco
request command response means 43 of the AV contents
transmission device 31 a command to transmit the
seed of the encryption key Kco2. That is, the Kco
request command response means 43 stops receiving
a command from the Kco request command issue
means 54. When the Kco request command response
means 43 stops receiving a command from the Kco
request command issue means 54, it is determined that
the second AV contents reception device 33 has
stopped decrypting the AV contents. Then, the Kco
request command response means 43 notifies the
encrypting method change notification means 42 that
the second AV contents reception device 33 has
stopped decrypting the AV contents.
[0135] Then, the encrypting method change notification
means 42 inputs the information from the Kco
request command response means 43 that the second
AV contents reception device 33 has stopped decrypting
the AV contents, and according to the information
instructs the encrypting method selection means 40 to
switch the encrypting method to be selected from the
basic encrypting method to the extended encrypting
method, and then outputs to the encrypting method
notification detection means 47 of the first AV contents
reception device 32 the information that the encrypting
method is to be switched from the basic encrypting
method to the extended encrypting method together
with the information about the switching timing. The
encrypting method is switched into the extended
encrypting method because, as described above, the
extended encrypting method has a higher encryption
level than the basic encrypting method, and more
strongly protects the AV contents from being decrypted
by an illegal device than the basic encrypting method.
For the switch of the encrypting method from the basic
encrypting method to the extended encrypting method,
the AKE means 41 is designed in advance to store the
information that the second AV contents reception
device 33 can use only the basic encrypting method,
and the encrypting method change notification
means 42 is designed to determine that the encrypting
method is to be switched from the basic encrypting
method to the extended encrypting method when the
second AV contents reception device 33 stops decrypting
the AV contents.

[0136] Then, the encrypting method selection
means 40 switches again the selection of the encrypting
method from the basic encrypting method to the 
extended encrypting method. Thus, after the encrypting 
method has been switched into the extended encrypting 
method, each of the means in the AV contents transmis- 
sion device 31 performs the same operations as those 
performed when AV contents are encrypted and output 
based on the extended encrypting method before 
switching into the basic encrypting method as described 
above. 

[0137] On the other hand, in the first AV contents
reception device 32, the encrypting method notification
detection means 47 inputs from the encrypting method
change notification means 42 of the AV contents trans- 
mission device 31 the information that the encrypting 
method is to be switched from the basic encrypting 
method to the extended encrypting method together 
with the information about the switching timing. Accord- 
ing to the information, each of the means switches their 
operations in the decryption process. The switching tim- 
ing is the same as that when the encrypting method is 
switched from the extended encrypting method to the 
basic encrypting method. After the switching process, 
each of the means of the first AV contents reception 
device 32 operates as in the process similar to that of 
decrypting the encrypted AV contents in the extended 
encrypting method before switching into the basic 
encrypting method as described above. 
[0138] Thus, when the AV contents transmission 
device 31 is encrypting the AV contents in the basic 
encrypting method and transmitting the result, and 
when the second AV contents reception device 33 stops 
decrypting the AV contents, the AV contents transmis- 
sion device 31 makes a change such that the AV con- 
tents encrypted in the extended encrypting method 
having a higher encryption level can be transmitted. 
However, the first AV contents reception device 32 can 
decrypt the AV contents although the encrypting 
method has been thus changed from the basic encrypt- 
ing method to the extended encrypting method. 
[0139] In the above described third embodiment, the
encrypting method change notification means 42 of the 
AV contents transmission device 31 outputs to the 
encrypting method notification detection means 47 of 
the first AV contents reception device 32 a command of 
the information that the encrypting method of the AV 
contents is to be changed from the extended encrypting 
method to the basic encrypting method. However, the 
encrypting method change notification means 42 may 
be designed to output to the encrypting method notifica- 
tion detection means 47 the information that the 
encrypting method for the AV contents is changed from 
the extended encrypting method to another encrypting 
method. However, in this case, the encrypting method 
notification detection means 47 has to request the AV 
contents transmission device 31 to notify what encrypt- 
ing method is to be used after a change. Similarly, 
although the encrypting method change notification
means 42 outputs to the encrypting method notification
detection means 47 a command of the information
about the switching timing from the extended encrypting
method to the basic encrypting method, the encrypting
method change notification means 42 may also be
designed not to output the information about the switching
timing of the encrypting method to the encrypting
method notification detection means 47. However, in
this case, the encrypting method notification detection
means 47 has to request the AV contents transmission
device 31 to issue a notification about the switching timing
of the encrypting method. In addition, the encrypting
method switching information and the switching timing
information outputted by the encrypting method change
notification means 42 may be provided not only as a
command, but also as information added to the AV contents.

[0140] According to the above described third
embodiment, the AV contents transmission device 31
outputs the information into what encrypting method the
current encrypting method is switched, and then, when
the first AV contents reception device 32 requests the
AV contents transmission device 31 to transmit the seed
of the encryption key Kco corresponding to the encrypting
method after the switch, transmits the seed of the
encryption key Kco in response to the request. However,
when the encrypting method is switched, the AV
contents transmission device 31 may output the seed of
the encryption key Kco corresponding to the encrypting
method after the switch together with the information
about the encrypting method after the switch. In addition,
although the AV contents transmission device 31
outputs the seed of the encryption key Kco, it also may
output the encryption key Kco itself, or the encryption
key Kco encrypted using the exchange key Kex. In this
case, on the reception side, not a seed, but the encryption
key Kco itself, or the encryption key Kco encrypted
using the exchange key Kex is used. In addition, the
seed of the encryption key Kco is transmitted through a
command, but the encryption key Kco and the seed
thereof may be transmitted either in a command or as
the information added to the AV contents for transmission.

[0141] In addition, according to the third embodiment
described above, the Kco generation means 39 of
the AV contents transmission device 31 updates the
encryption key Kco every 20 seconds, but the interval of
the Kco generation means 39 updating the encryption
key Kco is not limited to every 20 seconds. The encryption
key Kco may be updated either periodically or
non-periodically.

[0142] According to the third embodiment
described above, the AV contents transmission device
31 stores the second AV contents reception device 33,
from which it determines whether or not a command for
requesting the seed of the encryption key Kco2 for
decryption of the AV contents has been received. If the
command stops, the encrypting method is switched
from the extended encrypting method to the basic
encrypting method. However, the AV contents transmission
device 31 can check what encrypting method can
be used in each of the first AV contents reception device
32 and the second AV contents reception device 33. If
all the AV contents reception devices transmitting a
command to request the seed of the encryption key Kco
for decryption of the AV contents can use the extended
encrypting method, then the encrypting method can be
switched from the basic encrypting method to the
extended encrypting method.

[0143] In addition, according to the third embodi- 
ment described above, when the AV contents transmis- 
sion device 31 switches the encrypting method from the 
extended encrypting method to the basic encrypting 
method, the AV contents transmission device 31 first 
performs the authentication process with the second AV 
contents reception device 33. If the process is success- 
fully performed, the encrypting method is switched from 
the extended encrypting method to the basic encrypting 
method. However, as shown in FIG. 13, after the AV contents
transmission device 31 has received the authentication
request from the second AV contents reception device
33 (step 1 shown in FIG. 13), the encrypting method is
switched from the extended encrypting method to the
basic encrypting method (step 2 shown in FIG. 13)
regardless of the success of the mutual authentication.
If the authentication process can be successfully performed
after the switch (step 3 shown in FIG. 13), then
the basic encrypting method can be specified (step 5
shown in FIG. 13). If the authentication process in step
3 shown in FIG. 13 fails, the encrypting method can be
switched from the basic encrypting method to the
extended encrypting method (step 4 shown in FIG. 13).
[0144] In addition, according to the third embodi- 
ment described above, the AV contents transmission 
device 31 performs the authentication process with the 
second AV contents reception device 33. If the authen- 
tication process is successfully performed, the encrypt- 
ing method is switched from the extended encrypting 
method to the basic encrypting method. However, when 
the AV contents transmission device 31 receives an 
authentication request from the second AV contents 
reception device 33, it switches the encrypting method 
from the extended encrypting method to the basic 
encrypting method regardless of the success of the 
authentication process, and the AV contents may be 
encrypted in the switched-to basic encrypting method.
However, in this case, if the authentication process fails
between the AV contents transmission device 31 and
the second AV contents reception device 33, then the
AV contents transmission device 31 does not output the
exchange key Kex to the second AV contents reception
device 33. Therefore, the AV contents from the AV contents
transmission device 31 can be protected from
being decrypted by an illegal device. On the other hand,
when the AV contents transmission device 31 receives
an authentication request from the second AV contents
reception device 33, and outputs the encrypted AV contents
after switching the encrypting method to the basic
encrypting method, the first AV contents reception
device 32 receives from the AV contents transmission
device 31 the information that the encrypting method is
switched into the basic encrypting method as described
above in the third embodiment, also receives the AV
contents encrypted in the basic encrypting method from
the AV contents transmission device 31, and the AV
contents are decrypted in the basic encrypting method.
On the other hand, the AV contents transmission device
31 changes again into the extended encrypting method
when the AV contents transmission device 31 determines
that the second AV contents reception device 33
is illegal.
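
The variant of [0143] and [0144] (FIG. 13) as a small runnable model, added here as an illustration and not taken from the patent. The class and function names and the `authentic` flag standing in for the authentication result are assumptions; the rule for returning to the extended method follows [0142].

```python
import secrets
from dataclasses import dataclass, field
from typing import List, Optional

EXTENDED, BASIC = "extended", "basic"   # the two encrypting methods of the embodiment


@dataclass
class Receiver:
    name: str
    methods: frozenset                  # encrypting methods this device can use
    authentic: bool                     # assumed stand-in for the authentication outcome
    notices: List[str] = field(default_factory=list)  # method-change notifications seen
    kex: Optional[bytes] = None         # exchange key Kex, held only after authentication


class Transmitter:
    """Hypothetical model of the AV contents transmission device 31."""

    def __init__(self) -> None:
        self.method = EXTENDED
        self.kex = secrets.token_bytes(16)
        self.sinks: List[Receiver] = []  # authenticated devices decrypting the stream

    def _switch(self, method: str) -> None:
        """Change the encrypting method and notify every device already decrypting."""
        if method == self.method:
            return
        self.method = method
        for rx in self.sinks:
            rx.notices.append(method)

    def _restore_if_possible(self) -> None:
        # [0142]: go back to the extended method once every remaining device can use it.
        if all(EXTENDED in s.methods for s in self.sinks):
            self._switch(EXTENDED)

    def on_auth_request(self, rx: Receiver) -> str:
        # Steps 1-2: a request from a device that cannot use the current method
        # triggers the switch before the authentication result is known.
        if self.method not in rx.methods:
            self._switch(BASIC)
        # Step 3: authentication. Kex is output only when it succeeds.
        if rx.authentic:
            rx.kex = self.kex            # step 5: the basic method stays selected
            self.sinks.append(rx)
        else:
            self._restore_if_possible()  # step 4: back to the extended method
        return self.method

    def on_seed_requests_stopped(self, rx: Receiver) -> str:
        """The device no longer requests the Kco seed, so re-evaluate the method."""
        self.sinks = [s for s in self.sinks if s is not rx]
        self._restore_if_possible()
        return self.method


def scenario(second_is_authentic: bool):
    """Device 32 is decrypting in the extended method when device 33 asks to join."""
    tx = Transmitter()
    dev32 = Receiver("device 32", frozenset({EXTENDED, BASIC}), authentic=True)
    dev33 = Receiver("device 33", frozenset({BASIC}), authentic=second_is_authentic)
    tx.on_auth_request(dev32)
    after_request = tx.on_auth_request(dev33)
    after_stop = tx.on_seed_requests_stopped(dev33)
    return after_request, after_stop, dev32.notices, dev33.kex is not None


if __name__ == "__main__":
    print(scenario(True))
    print(scenario(False))
```

In both runs device 32 is told about each change of method, and device 33 holds Kex only when authentication succeeded.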

[0145] In addition, all or a part of the components,
means and elements of the AV contents communications
system according to the aforementioned third
embodiment may be either hardware, or software having
the same function as the hardware.

[0146] Furthermore, the present invention according
to claim 25 is a program recording medium characterized
by storing a program for directing a computer to
perform all or a part of respective functions in each step
of the AV contents transmitting method described in any
of the claims 16 through 24. The present invention
according to claim 28 is a program recording medium
storing a program for directing a computer to perform all
or a part of respective functions in each step of the AV
contents receiving method described in either claim 26 or 27.

Industrial Applicability 

[0147] As described above, it is clear that the
present invention according to claim 1 can provide a
data transmitting and receiving method for improving
the transmission and reception efficiency by improving
the security through the update of a control key and
reducing the frequency of the authentication and key
exchange process. The present invention according to
claim 6 can provide a data transmission apparatus for
improving the transmission and reception efficiency by
improving the security through the update of a control
key and reducing the frequency of the authentication
and key exchange process. The present invention
according to claim 8 can provide a data reception apparatus
for improving the transmission and reception efficiency
by improving the security through the update of a
control key and reducing the frequency of the authentication
and key exchange process. Further, the present
invention according to claim 14 can provide a data
transmission and reception system for improving the
transmission and reception efficiency by improving the
security through the update of a control key and reducing
the frequency of the authentication and key
exchange process. The present invention according to
claim 15 can provide a program recording medium storing
a program for directing a computer to perform each
function of all or a part of each component provided in
each means forming part of the present invention.
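
An added sketch, not code from the patent, of the control key update with the identifier check on resume that claim 1 recites: the receiver repeats the authentication and key exchange only when the transmitted identifier L differs from the one it holds. The class names and the SHA-256 keystream used as the encryption process are assumptions; the page does not specify a cipher.

```python
import hashlib
import secrets


def xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Assumed stand-in cipher (SHA-256 keystream XOR); encrypts and decrypts."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


class Sender:
    """Transmission side: holds work key Kw, control key Kc and its identifier L."""

    def __init__(self) -> None:
        self.ake_runs = 0
        self.label = 0
        self.kc = secrets.token_bytes(16)
        self.kw = secrets.token_bytes(16)

    def update_control_key(self) -> None:
        self.kc = secrets.token_bytes(16)
        self.label = (self.label + 1) % 256   # a new identifier for each control key

    def update_work_key(self) -> None:
        self.kw = secrets.token_bytes(16)

    def authenticate_and_exchange(self):
        """Stand-in for the authentication and key exchange process."""
        self.ake_runs += 1
        return self.label, self.kc

    def send(self, data: bytes) -> dict:
        nonce = secrets.token_bytes(8)
        return {"L": self.label, "nonce": nonce,
                "Kc(Kw)": xor_stream(self.kc, nonce, self.kw),
                "Kw(D)": xor_stream(self.kw, nonce, data)}


class Sink:
    """Reception side: keeps the Kc and identifier obtained at the last exchange."""

    def __init__(self, sender: Sender, check_identifier: bool = True) -> None:
        self.sender = sender
        self.check_identifier = check_identifier
        self.label, self.kc = sender.authenticate_and_exchange()

    def receive(self, pkt: dict) -> bytes:
        if self.check_identifier and pkt["L"] != self.label:
            # Kc was updated while reception was suspended: run the exchange again.
            self.label, self.kc = self.sender.authenticate_and_exchange()
        kw = xor_stream(self.kc, pkt["nonce"], pkt["Kc(Kw)"])
        return xor_stream(kw, pkt["nonce"], pkt["Kw(D)"])


def resume_after_suspend(check_identifier: bool):
    """Constructed run: two frames, a suspension with a Kc update, two more frames."""
    stb = Sender()
    vtr = Sink(stb, check_identifier)
    first = vtr.receive(stb.send(b"frame-1"))
    stb.update_work_key()            # a Kw update alone needs no new exchange
    second = vtr.receive(stb.send(b"frame-2"))
    stb.update_control_key()         # happens while the receiver is suspended
    third = vtr.receive(stb.send(b"frame-3"))
    fourth = vtr.receive(stb.send(b"frame-4"))
    return [first, second, third, fourth], stb.ake_runs


if __name__ == "__main__":
    print(resume_after_suspend(True))
    print(resume_after_suspend(False))
```

With the check enabled all four frames decrypt with two exchanges in total; without it the receiver keeps using the old Kc and the frames after the update come out as noise.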
[0148] In addition, the present invention can provide 
an AV contents transmitting method capable of allowing 
an AV contents reception apparatus which cannot use a 
first encrypting method to decrypt AV contents when an 
AV contents transmission apparatus transmits AV con- 
tents encrypted in the first encrypting method. 
[0149] Furthermore, the present invention can pro- 
vide an AV contents transmission apparatus capable of 
allowing an AV contents reception apparatus which cannot
use a first encrypting method to decrypt AV contents
when an AV contents transmission apparatus transmits 
AV contents encrypted in the first encrypting method. 
[0150] In addition, when the above described AV 
contents transmitting method is used, and when there is 
an AV contents reception apparatus which receives and 
decrypts the AV contents encrypted in the first encrypt- 
ing method in addition to an AV contents reception 
apparatus which cannot use the first encrypting 
method, the present invention can provide an AV con- 
tents transmitting method and an AV contents receiving 
method for allowing the AV contents to be decrypted 
squently. 

[0151] Furthermore, when the aforementioned AV 
contents transmission apparatus instructs the AV con- 
tents reception apparatus which cannot use the first 
encrypting method to decrypt the AV contents, the 
present invention can provide another AV contents 
reception apparatus capable of continuously decrypting 
the AV contents encrypted in the first encrypting 
method, in addition to the AV contents reception appa- 
ratus mentioned above. 

Claims 

1. A data transmitting and receiving method in which:

on a transmission side, encrypted digital data 
obtained by performing a first encryption proc- 
ess on digital data using a work key, and an 
encrypted work key obtained by performing a 
second encryption process on the work key 
using a control key, are transmitted, and 
on a reception side, the encrypted work key is 
received and decrypted using the control key 
obtained by performing an authentication and 
key exchange process with the transmission 
side, and the encrypted digital data is received 
and decrypted using the decrypted work key, 
thereby obtaining the digital data, character- 
ized in that: 

on said transmission side, the control key is 
periodically or non-periodically updated, an 
identifier identifying the control key is assigned 
for each control key; and 
on said reception side, when a reception process
is suspended and then resumed, it is determined
whether or not the control key has been
updated while the reception process is being
suspended by referring to the identifier transmitted
from the transmission side, and, when it
is determined that the control key has been
updated, the authentication and key exchange
process is performed again, thereby obtaining
the updated control key.

2. The data transmitting and receiving method accord- 
ing to claim 1, characterized in that: 

said reception side requests the transmission
side to transmit the identifier when the reception
process is suspended and then resumed;
and
said transmission side transmits the identifier
when the authentication and key exchange
process is performed, and also transmits the
identifier in response to the request.

3. The data transmitting and receiving method according
to claim 1, characterized in that said transmission
side periodically or non-periodically transmits
the identifier to said reception side.

4. The data transmitting and receiving method according
to claim 3, characterized in that said transmission
side periodically or non-periodically updates
the work key, and transmits to the reception side the
identifier, together with the work key, corresponding
to the control key used when the first encryption
process is performed on the work key.

5. The data transmitting and receiving method according
to any one of claims 1 through 4, characterized
in that said transmission side does not update the
work key until the authentication and key exchange
process is completed on the updated control key
after the key encryption means updates the control
key.

6. A data transmission apparatus, characterized by
comprising:

encryption means periodically or non-periodically
updating/generating a work key, performing
a first encryption process on digital data
using the work key to convert the digital data
into encrypted digital data, and transmitting the
encrypted digital data to a data reception apparatus;
a key encryption means periodically or
non-periodically updating/generating a control key,
performing a second encryption process on the
work key using the control key to convert the
work key into encrypted work key, and transmitting
the encrypted work key to the data reception
apparatus;
a transmission side authentication and key
exchange means performing an authentication
and key exchange process with the data reception
apparatus;
identifier generation means generating an
identifier identifying the control key; and
identifier transmission means transmitting the
identifier to the data reception apparatus.

7. The data transmission apparatus according to
claim 6, characterized in that said encryption
means does not update the work key until the
authentication and key exchange process is completed
on the updated control key after the key
encryption means updates the control key.

8. A data reception apparatus, characterized by comprising:

a reception side authentication and key
exchange means performing an authentication
and key exchange process with a data transmission
apparatus;
key restoration means restoring a work key by
decrypting an encrypted work key converted by
performing a second encryption process on the
work key using a control key, said restoring
process being performed using the control key
obtained through said reception side authentication
and key exchange means;
decryption means restoring digital data by
decrypting encrypted digital data converted by
performing a first encryption process on the
digital data using the work key, said decrypting
process being performed using the work key
restored by said key restoration means; and
identifier recognition means determining
whether or not the control key has been
updated by referring to an identifier identifying
the control key transmitted from said data
transmission apparatus at least when a reception
process is suspended and then resumed,
and, when it is determined that the control key
has been updated, instructing said reception
side authentication and key exchange means
to perform again the authentication and key
exchange process to obtain the updated control
key.

9. The data reception apparatus according to claim 8,
characterized by further comprising:

identifier storage means storing the identifier,
in which said identifier recognition means
determines whether or not the control key has
been updated by comparing a latest identifier
transmitted from said data transmission apparatus
with the identifier transmitted immediately
before the latest identifier and stored in said
identifier storage means.

10. The data transmission apparatus according to
claim 6 or 7, characterized in that said identifier
transmission means transmits the identifier when
the authentication and key exchange process is
performed, and also transmits the identifier in
response to a request from said data reception
apparatus.

11. The data reception apparatus according to claim 8
or 9, characterized by further comprising

identifier request means requesting said data
transmission apparatus to transmit the identifier
when the reception process is suspended
and then resumes.



12. The data transmission apparatus according to 
claim 6 or 7, characterized in that said identifier 
transmission means periodically or non-periodically 
transmits the identifier to said data reception apparatus.

13. The data transmission apparatus according to 
claim 12, characterized in that said identifier trans- 
mission means transmits to said data reception 
apparatus the identifier corresponding to the control 
key used when the second encryption process is 
performed on the updated/generated work key
each time the work key is updated/generated.

14. A data transmission and reception system, charac- 
terized by comprising: 

a data transmission apparatus according to
any one of claims 6, 7, 12, and 13, and a data
reception apparatus according to claim 8 or 9;
or
a data transmission apparatus according to
claim 10, and a data reception apparatus
according to claim 11.

15. A computer readable program recording medium, 
characterized by storing a program for directing a 
computer to perform each function of all or a part of 
each component of the data transmission appara- 
tus or the data reception apparatus according to 
any one of claims 6 through 13.

16. An AV contents transmitting method, characterized 
by comprising the step of: 

encrypting and transmitting AV contents in a 
second encryption method which can be used 
by an AV contents reception apparatus which
cannot use a first encrypting method and 
issues an authentication request when an AV 
contents transmission apparatus transmits the 
AV contents encrypted in the first encrypting 
method using a transmission line. 

17. The AV contents transmitting method according to 
claim 16, characterized in that when the authentication
request is issued, and when there is an AV contents
reception apparatus which receives and
decrypts AV contents encrypted in the first encrypting
method in addition to an AV contents reception
apparatus which has issued the authentication 
request, the AV contents reception apparatus which 
receives and decrypts the AV contents in the first 
encrypting method is notified that an encrypting 
method is switched into the second encrypting 
method. 

18. The AV contents transmitting method according to 
claim 17, characterized in that a notification of 
switching the encrypting method is given in a pre- 
determined command or is added to the AV con- 
tents. 

19. The AV contents transmitting method according to 
claim 18, characterized in that information about 
what encrypting method is used as the second 
encrypting method after the switch is given in a pre- 
determined command or is added to the AV con- 
tents. 

20. The AV contents transmitting method according to 
claim 18, characterized in that an encryption key or 
a seed of the encryption key used in the second 
encrypting method after the switch is given in a pre- 
determined command or is added to the AV con- 
tents. 

21. The AV contents transmitting method according to 
claim 16, characterized in that a switching timing of 
the encrypting method is an updating timing for an 
encryption key in the first encrypting method used 
before the authentication request is issued. 

22. The AV contents transmitting method according to 
claim 17, characterized in that a notification that the
encrypting method is to be switched into the second 
encrypting method, and information about a switch- 
ing timing of the encrypting method are transmitted 
to at least the AV contents reception apparatus 
which receives and decrypts the AV contents 
encrypted in the first encrypting method. 

23. The AV contents transmitting method according to 
claim 16, characterized in that:

said AV contents transmission apparatus
stores an AV contents reception apparatus
which issued the authentication request; and
it is determined whether or not a command
requesting an encryption key for decryption of
the AV contents or a seed of the encryption key
is received from the AV contents reception
apparatus, and when the command is not
received, the encrypting method is switched
from the second encrypting method to the first
encrypting method.



24. The AV contents transmitting method according to
claim 16, characterized in that:

said AV contents transmission apparatus
checks the encrypting method available by
each of the AV contents reception apparatus
which issued the authentication request and
the other AV contents reception apparatus; and
when an AV contents reception apparatus
transmitting a command requesting an encryption
key for decryption of the AV contents and
the seed of the encryption key is an AV contents
reception apparatus capable of using the
first encrypting method, the encrypting method
is switched from the second encrypting method
to the first encrypting method.

25. A program recording medium, characterized by
storing a program for directing a computer to perform
each function of all or a part of each step of the
AV contents transmitting method according to any
one of claims 16 through 24.

26. An AV contents receiving method, characterized by 
comprising the steps of: 

receiving AV contents transmitted from the AV
contents transmitting method according to any
one of claims 16 through 24; and
decrypting the encrypted AV contents, based
on an encrypting method used when the AV
contents are encrypted and using an encryption
key used in the encrypting method or a
seed of the encryption key.

27. The AV contents receiving method according to 
claim 26, characterized in that:

there is information about switching the
encrypting method transmitted together with or
in the AV contents in the AV contents transmitting
method according to any one of claims 16
through 24; and
when the information contains none or one of
the information about what encrypting method
is used after the switch, and the encryption key
used in the encrypting method or a seed of the
encryption key,
the information about what encrypting method
is used after the switch, or the encryption key
used in the encrypting method or a seed of the
encryption key, whichever is not contained in
the information relating to the switch of the
encrypting method, is to be transmitted to the
AV contents transmission apparatus.

28. A program recording medium, characterized by 
storing a program for directing a computer to per- 
form each function of all or a part of each step of the 
AV contents receiving method according to claim 
26 or 27.

29. An AV contents transmission apparatus, character- 
ized by comprising: 

encrypting method selection means selecting
an encrypting method used when AV contents
to be transmitted are encrypted;
encryption key generation means generating
an encryption key for encrypting AV contents
corresponding to the encrypting method
selected by said encrypting method selection
means;
encryption means receiving AV contents, also
receiving the encryption key from the encryption
key generation means, and encrypting the
AV contents; and
a transmission side authentication and key
exchange means performing an authentication
and key exchange process with an AV contents
reception apparatus, wherein
when the AV contents reception apparatus is
transmitting the AV contents encrypted in the
first encrypting method selected by said
encrypting method selection means, and when
the AV contents reception apparatus which
cannot use the first encrypting method issues
an authentication request, the transmission
side authentication and key exchange means
performs an authentication process with the AV
contents reception apparatus which issued the
authentication request, and
said encrypting method selection means
switches the encrypting method into the second
encrypting method the AV contents reception
apparatus which issued the authentication
request can use.

30. The AV contents transmission apparatus according 
to claim 29, characterized by further comprising an 
encrypting method notification means issues a notification
that the encrypting method is switched into
the second encrypting method to an AV contents
reception apparatus which is provided in addition to
the AV contents reception apparatus which issues
an authentication request, and receives and 
decrypts the AV contents encrypted in the first 
encrypting method. 

31. The AV contents transmission apparatus according 
to claim 29, characterized in that:

said encryption key generation means periodi- 
cally or non-periodically updates the encryption 
key; 

said encrypting method selection means 
switches the encrypting method into the sec- 
ond encrypting method at a timing of said 
encryption key generation means updating the 
encryption key in the first encrypting method. 

32. The AV contents transmission apparatus according 
to claim 29, characterized in that 

said transmission side authentication and key
exchange means stores an AV contents recep- 
tion apparatus which issued the authentication 
request, and 

it is determined whether or not a command 
requesting an encryption key for decryption of 
the AV contents or a seed of the encryption key 
is received from the AV contents reception 
apparatus; and 

when the command is not received, said 
encryption key generation means switches the 
encrypting method from the second encrypting 
method to the first encrypting method. 

33. The AV contents transmission method according to 
claim 29, characterized in that: 

said transmission side authentication and key 
exchange means checks the encrypting 
method available by each of the AV contents 
reception apparatus which issued the authenti- 
cation request and the other AV contents 
reception apparatus; and 
when an AV contents reception apparatus 
transmitting a command requesting an encryp- 
tion key for decryption of the AV contents and 
the seed of the encryption key is an AV con- 
tents reception apparatus capable of using the 
first encrypting method, said encryption key 
generation means switches the encrypting 
method from the second encrypting method to 
the first encrypting method. 

34. The AV contents reception apparatus according to 
any one of claims 29 through 33, characterized by 
further comprising: 

a reception side authentication and key 



23 



45 



EP 0 994 599 A1 



46 



updated white the reception process is sus- 
pended by referring to the identifier transmitted 
from the transmission side when the reception 
process is suspended and then resumed, and, 
when it is determined that the control key has 
been updated, obtains the updated control key 
by performing again the authentication and key 
exchange process. 

37. (Added) A data transmission apparatus, char- 
acterized by comprising: 



encryption means performing an encrypting 
process on digital data using a work key, con- 
15 verting the data into encrypted digital data, and 

transmitting a result to a data reception appara- 
tus; 

control key update/generation means periodi- 
cally or non-periodically updating/generating a 
20 control key required to obtain the work key; 

a transmission side authentication and key 
exchange means performing an authentication 
and key exchange process with said data 
reception apparatus; 
25 identifier generation means generating an 

identifier identifying the control key; and 
identifier transmission means transmitting the 
identifier to said data reception apparatus. 

30 38. (Added) A data reception apparatus, character- 
ized by comprising: 

reception means receiving encrypted digital 
data obtained by encrypting digital data using a 
35 work key; 



exchange means performing an authentication 
and key exchange process with said AV con- 
tents reception apparatus; 
encrypting method storage means receiving 
and information about an encrypting method 
used in encrypting AV contents from said AV 
contents transmission apparatus; and 
decryption means receiving encrypted AV con- 
tents from the AV contents transmission appa- 
ratus, receiving an encryption key or a seed of 
the encryption key from said AV contents trans- 
_ mission apparatus, and decrypting the 
encrypted AV contents using the encryption 
key of the seed of the encryption key based on 
the encrypting method stored in said encrypt- 
ing method storage means. 

35. The AV contents reception apparatus according to
claim 34, characterized by further comprising:

request means requesting transmitting information such
that;

there is information about switching the encrypting
method transmitted together with or in the AV contents
from the AV contents transmission apparatus according
to any one of claims 29 through 33, and
when the information contains none or one of the
information about what encrypting method is used after
the switch, and the encryption key used in the
encrypting method or a seed of the encryption key,

the information about what encrypting method is used
after the switch, or the encryption key used in the
encrypting method or a seed of the encryption key,
whichever is not contained in the information is to be
transmitted.

Amended claims under Art 19.1 PCT

36. (Added) A data transmission and reception method,
characterized in that:

on a transmission side, encrypted digital data obtained
by performing an encryption process on digital data
using a work key is transmitted;
on a reception side, a control key required to obtain
the work key is obtained by performing an
authentication and key exchange process with said
transmission side, and the received encrypted digital
data is decrypted using the work key obtained using the
control key to obtain the digital data, characterized
in that:
said transmission side periodically and
non-periodically updates the control key, assigns an
identifier identifying the control key for each control
key, said reception side determines whether or not the
control key has been



a reception side authentication and key exchange means
performing an authentication and key exchange process
with a data transmission apparatus;

a control key obtaining means obtaining a control key
required to obtain the work key through the reception
side authentication and key exchange means;

decryption means decrypting the encrypted digital data
using the work key generated using the control key to
restore the digital data; and
identifier recognition means determining whether or not
the control key has been updated by referring to an
identifier identifying the control key transmitted from
the data transmission apparatus when the receiving
process is suspended and then resumed, and, when it is
determined that the control key has been updated, the
updated control key is obtained by performing again the
authentication and key exchange process with the
reception side authentication and key exchange means.
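The identifier check recited in claims 37 and 38, sketched as an added example that is not part of the patent text: the receiver caches the control key Kc with its identifier L and repeats the authentication and key exchange only when a packet carries a different L. The class, field and packet names, the SHAKE-256 XOR stand-in cipher, and the direct `ake()` call standing in for the authentication and key exchange are all assumptions made for illustration.

```python
import hashlib
import os

# Illustrative model only: names, packet layout and cipher are assumptions, not from the patent.
def xor_stream(key, nonce, data):
    """Stand-in cipher (SHAKE-256 keystream XOR); one call encrypts or decrypts."""
    stream = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

class Transmitter:
    def __init__(self):
        self.key_id = 0
        self.update_control_key()

    def update_control_key(self):
        """Update Kc and assign the new key a fresh identifier L."""
        self.key_id += 1
        self.kc = os.urandom(32)

    def ake(self):
        """Placeholder for the authentication and key exchange: returns (L, Kc)."""
        return self.key_id, self.kc

    def send(self, data):
        kw, n1, n2 = os.urandom(32), os.urandom(16), os.urandom(16)
        return {"L": self.key_id, "n1": n1, "n2": n2,
                "Kc(Kw)": xor_stream(self.kc, n1, kw),   # work key under control key
                "Kw(D)": xor_stream(kw, n2, data)}       # data under work key

class Receiver:
    def __init__(self, tx):
        self.tx, self.key_id, self.kc, self.ake_runs = tx, None, None, 0

    def receive(self, pkt, check_identifier=True):
        # Identifier recognition: repeat the AKE only when L differs from the cached one.
        if self.kc is None or (check_identifier and pkt["L"] != self.key_id):
            self.key_id, self.kc = self.tx.ake()
            self.ake_runs += 1
        kw = xor_stream(self.kc, pkt["n1"], pkt["Kc(Kw)"])
        return xor_stream(kw, pkt["n2"], pkt["Kw(D)"])

def resume_scenario():
    """Constructed run: receive, resume with Kc unchanged, resume after a Kc update."""
    tx = Transmitter()
    rx, stale = Receiver(tx), Receiver(tx)
    out = [rx.receive(tx.send(b"frame-1"))]        # first AKE
    stale.receive(tx.send(b"frame-1"), False)      # second receiver that ignores L
    out.append(rx.receive(tx.send(b"frame-2")))    # resumed, same L: no AKE
    tx.update_control_key()                        # Kc updated while suspended
    pkt = tx.send(b"frame-3")
    out.append(rx.receive(pkt))                    # L changed: AKE repeated
    return out, rx.ake_runs, stale.receive(pkt, False)
```

The third value returned by `resume_scenario()` is what a receiver that skips the identifier check recovers with its stale Kc: bytes that do not match the transmitted data.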